feat: add Grafana dashboard, ServiceMonitor, and monitoring compose overlay #23

Workflow file for this run

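# Builds the gatekeeperd and gatekeeper-relay images for every pull request
# against main, pushes them to the container registry under a per-PR tag
# (pr-<number>-<short sha>), and posts or updates a PR comment listing the tags.
name: PR Images

on:
  pull_request:
    branches: [main]
    types: [opened, synchronize, reopened]

env:
  REGISTRY: ghcr.io

jobs:
  build:
    runs-on: ubuntu-latest
    # Least-privilege token: packages:write is needed for the registry push,
    # pull-requests:write for the comment step. These scopes apply to every
    # step in the job, including the builds of PR-supplied Dockerfiles.
    # NOTE(review): on pull_request runs from forks the GITHUB_TOKEN is
    # normally read-only, so the push and comment steps would fail there;
    # confirm whether fork PRs need an explicit guard.
    permissions:
      contents: read
      packages: write
      pull-requests: write
    # NOTE(review): all actions below are referenced by mutable major-version
    # tags. Pinning each to a full commit SHA would protect this write-scoped
    # job against a retargeted tag.
    steps:
      - uses: actions/checkout@v4
        with:
          # The build context is the whole checkout ("context: ."), which
          # would include .git unless a .dockerignore excludes it. Do not
          # leave the job token in .git/config where a PR-controlled
          # Dockerfile could read it; no later step runs an authenticated
          # git command.
          persist-credentials: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata
        id: meta
        # Event data reaches the script through environment variables instead
        # of being expanded into the script text, so the shell only ever sees
        # it as data.
        env:
          PR_NUMBER: ${{ github.event.pull_request.number }}
          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
        run: |
          SHORT_SHA="${HEAD_SHA:0:7}"
          echo "TAG=pr-${PR_NUMBER}-${SHORT_SHA}" >> "$GITHUB_OUTPUT"
          # Registry paths must be lowercase, hence the ${VAR,,} expansion.
          echo "IMAGE_PREFIX=${REGISTRY}/${GITHUB_REPOSITORY_OWNER,,}" >> "$GITHUB_OUTPUT"

      # Build amd64 first for fast availability (native build)
      - name: Build and push gatekeeperd (amd64)
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{ steps.meta.outputs.IMAGE_PREFIX }}/gatekeeperd:${{ steps.meta.outputs.TAG }}
          platforms: linux/amd64
          cache-from: type=gha
          cache-to: type=gha,mode=max

      - name: Build and push gatekeeper-relay (amd64)
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile.relay
          push: true
          tags: ${{ steps.meta.outputs.IMAGE_PREFIX }}/gatekeeper-relay:${{ steps.meta.outputs.TAG }}
          platforms: linux/amd64
          cache-from: type=gha
          cache-to: type=gha,mode=max

      # Then build multi-arch (updates tags in-place with manifest)
      - name: Build and push gatekeeperd (multi-arch)
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{ steps.meta.outputs.IMAGE_PREFIX }}/gatekeeperd:${{ steps.meta.outputs.TAG }}
          platforms: linux/amd64,linux/arm64
          cache-from: type=gha
          cache-to: type=gha,mode=max

      - name: Build and push gatekeeper-relay (multi-arch)
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile.relay
          push: true
          tags: ${{ steps.meta.outputs.IMAGE_PREFIX }}/gatekeeper-relay:${{ steps.meta.outputs.TAG }}
          platforms: linux/amd64,linux/arm64
          cache-from: type=gha
          cache-to: type=gha,mode=max

      - name: Comment on PR with image tags
        uses: actions/github-script@v7
        # Step outputs are handed to the script via the environment rather
        # than spliced into the JavaScript source.
        env:
          TAG: ${{ steps.meta.outputs.TAG }}
          IMAGE_PREFIX: ${{ steps.meta.outputs.IMAGE_PREFIX }}
        with:
          script: |
            const tag = process.env.TAG;
            const prefix = process.env.IMAGE_PREFIX;
            const body = `## Docker Images Built
            Images are available for testing:
            \`\`\`bash
            # gatekeeperd
            docker pull ${prefix}/gatekeeperd:${tag}
            # gatekeeper-relay
            docker pull ${prefix}/gatekeeper-relay:${tag}
            \`\`\`
            ### docker-compose.yml
            \`\`\`bash
            GATEKEEPERD_IMAGE=${prefix}/gatekeeperd:${tag} \\
            RELAY_IMAGE=${prefix}/gatekeeper-relay:${tag} \\
            docker-compose --profile relay up
            \`\`\`
            ### Helm (values override)
            \`\`\`yaml
            image:
              repository: ${prefix}/gatekeeperd # or gatekeeper-relay
              tag: "${tag}"
            \`\`\`
            Images expire ~15 days after PR closes.`;

            // Find existing comment. Walk every page: a single listComments
            // call returns only the first page, so on a busy PR the earlier
            // bot comment would be missed and a duplicate posted.
            const comments = await github.paginate(github.rest.issues.listComments, {
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.issue.number,
              per_page: 100,
            });
            const botComment = comments.find(c =>
              c.user?.type === 'Bot' && c.body?.includes('## Docker Images Built')
            );

            // Update in place when a previous run already commented,
            // otherwise create the comment.
            if (botComment) {
              await github.rest.issues.updateComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                comment_id: botComment.id,
                body: body
              });
            } else {
              await github.rest.issues.createComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                issue_number: context.issue.number,
                body: body
              });
            }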