Secure-Compliance-Solutions-LLC / GVM-Docker

Greenbone Vulnerability Management Docker Image with OpenVAS
https://securecompliance.gitbook.io/projects/
MIT License

Create docker-publish.yml #227

Closed pixelsquared closed 3 years ago

pixelsquared commented 3 years ago

Summary

Set up GitHub Actions to build the Docker image because Docker Hub's build system does not support git submodules.

Checklist

Delete any items that are not applicable to this PR.

Enhancements:

Fixed Bug/Issues solved:

fixes #226

Breaking Changes:

None

Dexus commented 3 years ago

@pixelsquared good idea so far.

Can you please use the Makefile to build the images?

It builds the apk packages in the submodules and, after that, the images.

Feel free to modify the Makefile to match the needs.

pixelsquared commented 3 years ago

@Dexus I am working on the step to build the apk packages with the Makefile.

I do have some questions.

If you have any other ideas on the best way to automate the apk package build with GitHub Actions, that would be helpful.

Dexus commented 3 years ago

@pixelsquared

  • Do we need to store a key to sign the packages?

Currently, if it is not run on a "static" system, it will automatically create a new pub and priv key -> but we can create and reuse one and store them. Did not yet use git actions because all our typical work is done in Jenkins or Azure Pipelines.

  • What do you think about building the apk packages in the other repo and just downloading them in this one?

This could be an option, but because docker-openvas also uses it, we should make sure it also works with the submodule variant and the Makefile, because my build system here needs it to build somewhat more complex systems based on this.

When we build the apk in the submodule and, after the build, also publish and include the output files in apk-build/target (from here), it should also work without the Makefile.

I think we should think about the release management for the APK-BUILDs; from that point we can create the best release management for the gvm and openvas images.

Another way could be the submodule, but with multi-step building in the Dockerfile to build all the apk on releases.

I'm currently not sure what you would like to do, or what your thoughts on this are.

Dexus commented 3 years ago

Some Mentions for the Workflow:

Or build all from here:

pixelsquared commented 3 years ago

@Dexus Thanks for your feedback. I am going to try creating an action in GVM-APK-build to build the packages.

I also do not have much experience with GitHub Actions.

Dexus commented 3 years ago

@pixelsquared

I started with a first test integration. GitHub Actions are very similar to Azure stuff. What might be the reason for that? MS has bought GitHub. So I'll be happy to continue this tomorrow, and then we can see which approach makes more sense.

If you have some time later, feel free to have a look and maybe you'll see exactly what you like or dislike and share it with me.

https://github.com/Secure-Compliance-Solutions-LLC/GVM-Docker/tree/github-action-dexus-2

EDIT:

#228 for the shared minds and thoughts