search

GoogleCloudPlatform / cloud-run-button

Let anyone deploy your GitHub repos to Google Cloud Run with a single click
https://cloud.run
Apache License 2.0
526 stars 91 forks source link

Capture source context for build container image #155

Open steren opened 4 years ago

steren commented 4 years ago

Cloud Run will soon display information from the Container Analysis API related to the provenance of the deployed container image.

Because the button literally deploys from GitHub, it would be very useful to capture which GitHub repo and commit were used to build the container, so that users can know if they are up to date.

jamesward commented 4 years ago

Cool. By "capture" you just mean, let the user know more explicitly, or put that info somewhere?

steren commented 4 years ago

I mean automatically send the info the the Container Analysis API.

ahmetb commented 4 years ago

I think this is doable. I havent understood the api fully but I’m assuming it only works with sha256 refs; not tags. That would likely only work for Dockerfile mode where we can collect the sha256 ref of the image from stdout if docker build cmd.

steren commented 4 years ago

this is what needs to be populated.

In Java, I've been told it's at occurrence.getBuild().getProvenance().getSourceProvenance().getContext().getGit()

ahmetb commented 4 years ago

API is quite damn cryptic but I believe I can GET some of the Occurrences and work my way from there...