mcsps
diff --git a/‎.github/dependabot.yml‎
Lines changed: 42 additions & 0 deletions b/‎.github/dependabot.yml‎
Lines changed: 42 additions & 0 deletions
diff --git a/‎.github/workflows/busybox.yaml‎
Lines changed: 10 additions & 11 deletions b/‎.github/workflows/busybox.yaml‎
Lines changed: 10 additions & 11 deletions
diff --git a/‎.github/workflows/etcd-tools.yaml‎
Lines changed: 10 additions & 11 deletions b/‎.github/workflows/etcd-tools.yaml‎
Lines changed: 10 additions & 11 deletions
diff --git a/‎.github/workflows/golang.yaml‎
Lines changed: 11 additions & 20 deletions b/‎.github/workflows/golang.yaml‎
Lines changed: 11 additions & 20 deletions
diff --git a/‎.github/workflows/kubectl.yaml‎
Lines changed: 64 additions & 0 deletions b/‎.github/workflows/kubectl.yaml‎
Lines changed: 64 additions & 0 deletions
diff --git a/‎.github/workflows/mimir.yaml‎
Lines changed: 11 additions & 20 deletions b/‎.github/workflows/mimir.yaml‎
Lines changed: 11 additions & 20 deletions
@@ -0,0 +1,42 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+version: 2
+updates:
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/busybox" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/etcd-tools" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/golang" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/kubectl" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/mimir" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/nginx-non-root" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/s3cmd" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/socat" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/utils" # Location of package manifests
+    schedule:
+      interval: "weekly"
@@ -27,7 +27,6 @@ jobs:
         uses: docker/metadata-action@v5
         with:
           images: |
-            mtr.devops.telekom.de/mcsps/busybox
             ghcr.io/mcsps/busybox
           tags: |
             type=ref,event=tag
@@ -42,32 +41,32 @@ jobs:
         uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-      - name: Login to MTR
-        uses: docker/login-action@v3
-        with:
-          registry: mtr.devops.telekom.de
-          username: ${{ secrets.MTR_USERNAME }}
-          password: ${{ secrets.MTR_PASSWORD }}
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build and push
+      - name: Build (PR only)
+        if: github.event_name == 'pull_request'
+        uses: docker/build-push-action@v5
+        with:
+          context: ./busybox
+          platforms: linux/amd64,linux/arm64
+          push: false
+      - name: Build and push (merge only)
+        if: github.event_name == 'push'
         uses: docker/build-push-action@v5
-        id: build-push
         with:
           context: ./busybox
           platforms: linux/amd64,linux/arm64
           push: true
           tags: |
-            mtr.devops.telekom.de/mcsps/busybox:latest
             ghcr.io/mcsps/busybox:latest
             ${{ steps.meta.outputs.tags }}
       - name: Sign Push
+        if: github.event_name == 'push'
         run: |
-          cosign sign --key env://COSIGN_KEY --tlog-upload=false mtr.devops.telekom.de/mcsps/busybox@${{ steps.build-push.outputs.digest }}
           cosign sign --key env://COSIGN_KEY --tlog-upload=false ghcr.io/mcsps/busybox@${{ steps.build-push.outputs.digest }}
         env:
           COSIGN_KEY: ${{secrets.COSIGN_KEY}}
@@ -27,7 +27,6 @@ jobs:
         uses: docker/metadata-action@v5
         with:
           images: |
-            mtr.devops.telekom.de/mcsps/etcd-tools
             ghcr.io/mcsps/etcd-tools
           tags: |
             type=ref,event=tag
@@ -42,32 +41,32 @@ jobs:
         uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-      - name: Login to MTR
-        uses: docker/login-action@v3
-        with:
-          registry: mtr.devops.telekom.de
-          username: ${{ secrets.MTR_USERNAME }}
-          password: ${{ secrets.MTR_PASSWORD }}
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build and push
+      - name: Build (PR only)
+        if: github.event_name == 'pull_request'
+        uses: docker/build-push-action@v5
+        with:
+          context: ./etcd-tools
+          platforms: linux/amd64,linux/arm64
+          push: false
+      - name: Build and push (merge only)
+        if: github.event_name == 'push'
         uses: docker/build-push-action@v5
-        id: build-push
         with:
           context: ./etcd-tools
           platforms: linux/amd64,linux/arm64
           push: true
           tags: |
-            mtr.devops.telekom.de/mcsps/etcd-tools:latest
             ghcr.io/mcsps/etcd-tools:latest
             ${{ steps.meta.outputs.tags }}
       - name: Sign Push
+        if: github.event_name == 'push'
         run: |
-          cosign sign --key env://COSIGN_KEY --tlog-upload=false mtr.devops.telekom.de/mcsps/etcd-tools@${{ steps.build-push.outputs.digest }}
           cosign sign --key env://COSIGN_KEY --tlog-upload=false ghcr.io/mcsps/etcd-tools@${{ steps.build-push.outputs.digest }}
         env:
           COSIGN_KEY: ${{secrets.COSIGN_KEY}}
@@ -2,14 +2,8 @@ name: Build Image golang
 
 on:
   push:
-    branches:
-      - dev
-    tags:
-      - "*"
     paths: 
     - 'golang/*'
-  schedule:
-    - cron: "15 4 1 * *"
 
 jobs:
   build:
@@ -27,13 +21,10 @@ jobs:
         uses: docker/metadata-action@v5
         with:
           images: |
-            mtr.devops.telekom.de/mcsps/golang
             ghcr.io/mcsps/golang
           tags: |
-            type=ref,event=tag
-            type=ref,event=branch
-            type=ref,event=pr
             type=raw,value=latest
+            type=semver,pattern={{version}},value=1.25.0 # change also in the Dockerfile
       - name: Install Cosign
         uses: sigstore/cosign-installer@main
         with:
@@ -42,32 +33,32 @@ jobs:
         uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-      - name: Login to MTR
-        uses: docker/login-action@v3
-        with:
-          registry: mtr.devops.telekom.de
-          username: ${{ secrets.MTR_USERNAME }}
-          password: ${{ secrets.MTR_PASSWORD }}
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build and push
+      - name: Build (PR only)
+        if: github.event_name == 'pull_request'
+        uses: docker/build-push-action@v5
+        with:
+          context: ./golang
+          platforms: linux/amd64,linux/arm64
+          push: false
+      - name: Build and push (merge only)
+        if: github.event_name == 'push'
         uses: docker/build-push-action@v5
-        id: build-push
         with:
           context: ./golang
           platforms: linux/amd64,linux/arm64
           push: true
           tags: |
-            mtr.devops.telekom.de/mcsps/golang:latest
             ghcr.io/mcsps/golang:latest
             ${{ steps.meta.outputs.tags }}
       - name: Sign Push
+        if: github.event_name == 'push'
         run: |
-          cosign sign --key env://COSIGN_KEY --tlog-upload=false mtr.devops.telekom.de/mcsps/golang@${{ steps.build-push.outputs.digest }}
           cosign sign --key env://COSIGN_KEY --tlog-upload=false ghcr.io/mcsps/golang@${{ steps.build-push.outputs.digest }}
         env:
           COSIGN_KEY: ${{secrets.COSIGN_KEY}}
@@ -0,0 +1,64 @@
+name: Build Image kubectl
+
+on:
+  push:
+    paths: 
+    - 'kubectl/*'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ghcr.io/mcsps/kubectl
+          tags: |
+            type=semver,pattern={{version}},value=v1.35.0 # change also in the Dockerfile
+            type=semver,pattern={{major}}.{{minor}},value=v1.35.0 # change also in the Dockerfile
+      - name: Install Cosign
+        uses: sigstore/cosign-installer@main
+        with:
+          cosign-release: "v2.4.0"
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build (PR only)
+        if: github.event_name == 'pull_request'
+        uses: docker/build-push-action@v5
+        with:
+          context: ./kubectl
+          platforms: linux/amd64,linux/arm64
+          push: false
+      - name: Build and push (merge only)
+        if: github.event_name == 'push'
+        uses: docker/build-push-action@v5
+        with:
+          context: ./kubectl
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ghcr.io/mcsps/kubectl:latest
+            ${{ steps.meta.outputs.tags }}
+      - name: Sign Push
+        if: github.event_name == 'push'
+        run: |
+          cosign sign --key env://COSIGN_KEY --tlog-upload=false ghcr.io/mcsps/kubectl@${{ steps.build-push.outputs.digest }}
+        env:
+          COSIGN_KEY: ${{secrets.COSIGN_KEY}}
@@ -2,14 +2,8 @@ name: Build Image mimir
 
 on:
   push:
-    branches:
-      - dev
-    tags:
-      - "*"
     paths: 
     - 'mimir/*'
-  schedule:
-    - cron: "15 4 1 * *"
 
 jobs:
   build:
@@ -27,13 +21,10 @@ jobs:
         uses: docker/metadata-action@v5
         with:
           images: |
-            mtr.devops.telekom.de/mcsps/mimir
             ghcr.io/mcsps/mimir
           tags: |
-            type=ref,event=tag
-            type=ref,event=branch
-            type=ref,event=pr
             type=raw,value=latest
+            type=semver,pattern={{version}},value=3.0.0 # change also in the Dockerfile
       - name: Install Cosign
         uses: sigstore/cosign-installer@main
         with:
@@ -42,32 +33,32 @@ jobs:
         uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-      - name: Login to MTR
-        uses: docker/login-action@v3
-        with:
-          registry: mtr.devops.telekom.de
-          username: ${{ secrets.MTR_USERNAME }}
-          password: ${{ secrets.MTR_PASSWORD }}
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build and push
+      - name: Build (PR only)
+        if: github.event_name == 'pull_request'
+        uses: docker/build-push-action@v5
+        with:
+          context: ./mimir
+          platforms: linux/amd64,linux/arm64
+          push: false
+      - name: Build and push (merge only)
+        if: github.event_name == 'push'
         uses: docker/build-push-action@v5
-        id: build-push
         with:
           context: ./mimir
           platforms: linux/amd64,linux/arm64
           push: true
           tags: |
-            mtr.devops.telekom.de/mcsps/mimir:latest
             ghcr.io/mcsps/mimir:latest
             ${{ steps.meta.outputs.tags }}
       - name: Sign Push
+        if: github.event_name == 'push'
         run: |
-          cosign sign --key env://COSIGN_KEY --tlog-upload=false mtr.devops.telekom.de/mcsps/mimir@${{ steps.build-push.outputs.digest }}
           cosign sign --key env://COSIGN_KEY --tlog-upload=false ghcr.io/mcsps/mimir@${{ steps.build-push.outputs.digest }}
         env:
           COSIGN_KEY: ${{secrets.COSIGN_KEY}}