From acedd66d764419a4cf59bef4ababe73f5878bb68 Mon Sep 17 00:00:00 2001 From: maldwg Date: Mon, 16 Mar 2026 14:55:20 +0100 Subject: [PATCH 1/7] First draft adapting pipeline to ghcrio pushes --- .github/workflows/build_publish_docker.yml | 29 +++++++++++----------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/.github/workflows/build_publish_docker.yml b/.github/workflows/build_publish_docker.yml index f6af6ccf..50e88902 100644 --- a/.github/workflows/build_publish_docker.yml +++ b/.github/workflows/build_publish_docker.yml @@ -9,8 +9,8 @@ on: branches: [ "main" ] env: - REGISTRY: docker.io - IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/heidgaf + REGISTRY: ghcr.io + IMAGE_NAME: hamstring-ndr/hamstring jobs: @@ -26,7 +26,8 @@ jobs: "logcollector", "logserver", "prefilter", - "monitoring" + "monitoring", + "zeek" ] permissions: contents: read @@ -47,8 +48,8 @@ jobs: uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} + username: ${{github.actor}} + password: ${{secrets.GITHUB_TOKEN}} - name: Extract Docker metadata id: meta @@ -81,12 +82,12 @@ jobs: cache-from: type=gha cache-to: type=gha,mode=max - - name: Docker Hub Description - uses: peter-evans/dockerhub-description@v3 - if: github.event_name != 'pull_request' - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - repository: ${{ env.IMAGE_NAME }}-${{ matrix.container }} - short-description: ${{ github.event.repository.description }} - readme-filepath: ./README.md + # - name: Docker Hub Description + # uses: peter-evans/dockerhub-description@v3 + # if: github.event_name != 'pull_request' + # with: + # username: ${{ secrets.DOCKER_USERNAME }} + # password: ${{ secrets.DOCKER_PASSWORD }} + # repository: ${{ env.IMAGE_NAME }}-${{ matrix.container }} + # short-description: ${{ github.event.repository.description }} + # readme-filepath: ./README.md 
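Review bot: The login step in the third hunk (`@@ -47,8 +48,8 @@`) now authenticates with `${{secrets.GITHUB_TOKEN}}`, and that token can only push to ghcr.io when the job grants `packages: write`. The `permissions:` block visible as context in the second hunk shows only `contents: read` and continues outside the diff, so confirm the write scope is declared there and that nothing broader is granted. Because this step now receives a token that can write packages, `docker/login-action@v3` is worth pinning to a full commit SHA instead of a movable tag; the same holds for `docker/metadata-action@v5.5.1` and `docker/build-push-action@v3` further down the workflow. As a style point, the two new expressions drop the inner spaces used everywhere else in the file: `username: ${{ github.actor }}` and `password: ${{ secrets.GITHUB_TOKEN }}`.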
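Review bot: The Docker Hub description step in the last hunk (`@@ -81,12 +82,12 @@`) is commented out rather than deleted, which leaves references to `secrets.DOCKER_USERNAME` and `secrets.DOCKER_PASSWORD` in the file after nothing uses them. Delete the nine commented lines (history keeps them). Once the ghcr.io push is confirmed working, remove both secrets from the repository settings and revoke the Docker Hub credential behind them, so an unused long-lived password does not stay reachable from workflows. If the block is kept on purpose, a one-line comment such as `# Disabled: images are published to ghcr.io, Docker Hub description sync no longer applies` would say why.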
From 4ef3f772d19e296b377cbcca98ae0869adcf68dc Mon Sep 17 00:00:00 2001 From: maldwg Date: Mon, 16 Mar 2026 14:57:06 +0100 Subject: [PATCH 2/7] add temporary manual build trigger --- .github/workflows/build_publish_docker.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build_publish_docker.yml b/.github/workflows/build_publish_docker.yml index 50e88902..9a340d54 100644 --- a/.github/workflows/build_publish_docker.yml +++ b/.github/workflows/build_publish_docker.yml @@ -7,6 +7,8 @@ on: tags: [ 'v*.*.*' ] pull_request: branches: [ "main" ] + workflow_dispatch: + env: REGISTRY: ghcr.io From c831dff03f3654dd9dc8dd6ef05bda3a4d8d8a6f Mon Sep 17 00:00:00 2001 From: maldwg Date: Mon, 16 Mar 2026 14:58:23 +0100 Subject: [PATCH 3/7] Add second build trigger --- .github/workflows/build_publish_docker.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/build_publish_docker.yml b/.github/workflows/build_publish_docker.yml index 9a340d54..cc6419a9 100644 --- a/.github/workflows/build_publish_docker.yml +++ b/.github/workflows/build_publish_docker.yml @@ -2,13 +2,11 @@ name: Docker Build and Publish CI on: push: - branches: [ "main" ] + branches: [ "main", "feature/publish-ghcrio"] # Publish semver tags as releases. tags: [ 'v*.*.*' ] pull_request: branches: [ "main" ] - workflow_dispatch: - env: REGISTRY: ghcr.io From 55eae2221772090f0ab4c9493d1d25d2ecdac320 Mon Sep 17 00:00:00 2001 From: maldwg Date: Tue, 17 Mar 2026 12:58:57 +0100 Subject: [PATCH 4/7] try fixing the label issues --- .github/workflows/build_publish_docker.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build_publish_docker.yml b/.github/workflows/build_publish_docker.yml index cc6419a9..d6523ca5 100644 --- a/.github/workflows/build_publish_docker.yml +++ b/.github/workflows/build_publish_docker.yml 
@@ -55,7 +55,9 @@ jobs: id: meta uses: docker/metadata-action@v5.5.1 with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-${{ matrix.container }} + images: | + ${{ env.REGISTRY }}/${{ github.repository }} + - name: Build and push Docker image (${{ steps.meta.outputs.tags }}) if: github.event_name != 'pull_request' && contains(github.ref, '/tags/v') From 4488212fc20015553b27be38d7c7b1de353f604d Mon Sep 17 00:00:00 2001 From: maldwg Date: Tue, 17 Mar 2026 13:07:36 +0100 Subject: [PATCH 5/7] adjustment for ghcrio tags --- .github/workflows/build_publish_docker.yml | 27 ++++++++-------------- 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build_publish_docker.yml b/.github/workflows/build_publish_docker.yml index d6523ca5..05b83f27 100644 --- a/.github/workflows/build_publish_docker.yml +++ b/.github/workflows/build_publish_docker.yml @@ -10,7 +10,6 @@ on: env: REGISTRY: ghcr.io - IMAGE_NAME: hamstring-ndr/hamstring jobs: 
@@ -56,29 +55,21 @@ jobs: uses: docker/metadata-action@v5.5.1 with: images: | - ${{ env.REGISTRY }}/${{ github.repository }} - + ${{ env.REGISTRY }}/${{ github.repository }}-${{ matrix.container }} + tags: | + type=raw,value=latest + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} - - name: Build and push Docker image (${{ steps.meta.outputs.tags }}) - if: github.event_name != 'pull_request' && contains(github.ref, '/tags/v') + - name: Build and push Docker image + if: github.event_name != 'pull_request' id: build-and-push uses: docker/build-push-action@v3 with: context: . push: ${{ github.event_name != 'pull_request' }} - tags: "${{ steps.meta.outputs.tags }}" - labels: ${{ steps.meta.outputs.labels }} - file: ./docker/dockerfiles/Dockerfile.${{ matrix.container }} - cache-from: type=gha - cache-to: type=gha,mode=max - - - name: Build and push Docker image (latest) - id: build-and-push-latest - uses: docker/build-push-action@v3 - with: - context: . - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ env.IMAGE_NAME }}-${{ matrix.container }}:latest + tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} file: ./docker/dockerfiles/Dockerfile.${{ matrix.container }} cache-from: type=gha From 99ed19c9e59c48d02b633e832c9525c43886ba71 Mon Sep 17 00:00:00 2001 From: maldwg Date: Tue, 17 Mar 2026 13:07:58 +0100 Subject: [PATCH 6/7] remove zeek from build steps --- .github/workflows/build_publish_docker.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build_publish_docker.yml b/.github/workflows/build_publish_docker.yml index 05b83f27..84b2b281 100644 --- a/.github/workflows/build_publish_docker.yml +++ b/.github/workflows/build_publish_docker.yml @@ -25,8 +25,7 @@ jobs: "logcollector", "logserver", "prefilter", - "monitoring", - "zeek" + "monitoring" ] permissions: contents: read 
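Review bot: The step-level `if: github.event_name != 'pull_request'` on "Build and push Docker image" in the `@@ -56,29 +55,21 @@` hunk means pull requests no longer build any image. Before this commit the `latest` step had no `if` and still built (without pushing) on PRs, so a broken Dockerfile was caught before merge. `push: ${{ github.event_name != 'pull_request' }}` already keeps PR runs from publishing, so the `if:` line can be dropped. Separately, `type=raw,value=latest` is unconditional: a push to `main` publishes only the mutable `latest` tag, and every `v*.*.*` tag push moves it as well. Adding `- type=sha` to the `tags:` list would give each published image an immutable tag that traces back to its commit; the step's `with:` block continues past the end of the hunk.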
From 319d613b458addc32829a4d5ee03779880f6de9a Mon Sep 17 00:00:00 2001 From: maldwg Date: Tue, 17 Mar 2026 13:10:16 +0100 Subject: [PATCH 7/7] remove test branch for building images --- .github/workflows/build_publish_docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_publish_docker.yml b/.github/workflows/build_publish_docker.yml index 84b2b281..a208142b 100644 --- a/.github/workflows/build_publish_docker.yml +++ b/.github/workflows/build_publish_docker.yml @@ -2,7 +2,7 @@ name: Docker Build and Publish CI on: push: - branches: [ "main", "feature/publish-ghcrio"] + branches: [ "main" ] # Publish semver tags as releases. tags: [ 'v*.*.*' ] pull_request: