Skip to content

Commit

Permalink
workflow updates for multiarch
Browse files Browse the repository at this point in the history
  • Loading branch information
@mmguero
mmguero committed May 7, 2024
1 parent a58a128 commit 631874d
Show file tree
Hide file tree
Showing 23 changed files with 601 additions and 85 deletions.
5 changes: 3 additions & 2 deletions .github/workflows/api-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,7 @@ jobs:
tags: ghcr.io/${{ github.repository_owner }}/malcolm/api:${{ steps.extract_branch.outputs.branch }}
-
name: Run Trivy vulnerability scanner
if: ${{ matrix.value }} == 'linux/amd64'
id: trivy-scan
uses: aquasecurity/trivy-action@master
with:
Expand All @@ -138,7 +139,7 @@ jobs:
exit-code: '0'
-
name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
if: always()
if: ${{ matrix.value }} == 'linux/amd64'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
35 changes: 31 additions & 4 deletions .github/workflows/arkime-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,17 +25,43 @@ on:
repository_dispatch:

jobs:
setup:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.matrix.outputs.value }}
steps:
-
name: Cancel previous run in progress
id: cancel-previous-runs
uses: styfle/[email protected]
with:
ignore_sha: true
all_but_latest: true
access_token: ${{ secrets.GITHUB_TOKEN }}
-
name: Enumerate platforms
id: matrix
run: |
echo "value=[\"linux/amd64\", \"linux/arm64\"]" >> $GITHUB_OUTPUT
-
run: |
echo "${{ steps.matrix.outputs.value }}"
docker:
needs: [ setup ]
runs-on: ubuntu-22.04
permissions:
actions: write
packages: write
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
value: ${{fromJSON(needs.setup.outputs.matrix)}}
steps:
-
name: Cancel previous run in progress
uses: styfle/[email protected].0
uses: styfle/[email protected].1
with:
ignore_sha: true
all_but_latest: true
Expand Down Expand Up @@ -94,10 +120,11 @@ jobs:
VCS_REVISION=${{ steps.extract_commit_sha.outputs.sha }}
MAXMIND_GEOIP_DB_LICENSE_KEY=${{ secrets.MAXMIND_GEOIP_DB_LICENSE_KEY }}
push: true
platforms: linux/amd64,linux/arm64
platforms: ${{ matrix.value }}
tags: ghcr.io/${{ github.repository_owner }}/malcolm/arkime:${{ steps.extract_branch.outputs.branch }}
-
name: Run Trivy vulnerability scanner
if: ${{ matrix.value }} == 'linux/amd64'
id: trivy-scan
uses: aquasecurity/trivy-action@master
with:
Expand All @@ -113,7 +140,7 @@ jobs:
exit-code: '0'
-
name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
if: always()
if: ${{ matrix.value }} == 'linux/amd64'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
35 changes: 31 additions & 4 deletions .github/workflows/dashboards-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,17 +25,43 @@ on:
repository_dispatch:

jobs:
setup:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.matrix.outputs.value }}
steps:
-
name: Cancel previous run in progress
id: cancel-previous-runs
uses: styfle/[email protected]
with:
ignore_sha: true
all_but_latest: true
access_token: ${{ secrets.GITHUB_TOKEN }}
-
name: Enumerate platforms
id: matrix
run: |
echo "value=[\"linux/amd64\", \"linux/arm64\"]" >> $GITHUB_OUTPUT
-
run: |
echo "${{ steps.matrix.outputs.value }}"
docker:
needs: [ setup ]
runs-on: ubuntu-22.04
permissions:
actions: write
packages: write
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
value: ${{fromJSON(needs.setup.outputs.matrix)}}
steps:
-
name: Cancel previous run in progress
uses: styfle/[email protected].0
uses: styfle/[email protected].1
with:
ignore_sha: true
all_but_latest: true
Expand Down Expand Up @@ -93,10 +119,11 @@ jobs:
BUILD_DATE=${{ steps.generate_build_timestamp.outputs.btimestamp }}
VCS_REVISION=${{ steps.extract_commit_sha.outputs.sha }}
push: true
platforms: linux/amd64,linux/arm64
platforms: ${{ matrix.value }}
tags: ghcr.io/${{ github.repository_owner }}/malcolm/dashboards:${{ steps.extract_branch.outputs.branch }}
-
name: Run Trivy vulnerability scanner
if: ${{ matrix.value }} == 'linux/amd64'
id: trivy-scan
uses: aquasecurity/trivy-action@master
with:
Expand All @@ -112,7 +139,7 @@ jobs:
exit-code: '0'
-
name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
if: always()
if: ${{ matrix.value }} == 'linux/amd64'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
35 changes: 31 additions & 4 deletions .github/workflows/dashboards-helper-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,17 +25,43 @@ on:
repository_dispatch:

jobs:
setup:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.matrix.outputs.value }}
steps:
-
name: Cancel previous run in progress
id: cancel-previous-runs
uses: styfle/[email protected]
with:
ignore_sha: true
all_but_latest: true
access_token: ${{ secrets.GITHUB_TOKEN }}
-
name: Enumerate platforms
id: matrix
run: |
echo "value=[\"linux/amd64\", \"linux/arm64\"]" >> $GITHUB_OUTPUT
-
run: |
echo "${{ steps.matrix.outputs.value }}"
docker:
needs: [ setup ]
runs-on: ubuntu-22.04
permissions:
actions: write
packages: write
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
value: ${{fromJSON(needs.setup.outputs.matrix)}}
steps:
-
name: Cancel previous run in progress
uses: styfle/[email protected].0
uses: styfle/[email protected].1
with:
ignore_sha: true
all_but_latest: true
Expand Down Expand Up @@ -93,10 +119,11 @@ jobs:
BUILD_DATE=${{ steps.generate_build_timestamp.outputs.btimestamp }}
VCS_REVISION=${{ steps.extract_commit_sha.outputs.sha }}
push: true
platforms: linux/amd64,linux/arm64
platforms: ${{ matrix.value }}
tags: ghcr.io/${{ github.repository_owner }}/malcolm/dashboards-helper:${{ steps.extract_branch.outputs.branch }}
-
name: Run Trivy vulnerability scanner
if: ${{ matrix.value }} == 'linux/amd64'
id: trivy-scan
uses: aquasecurity/trivy-action@master
with:
Expand All @@ -112,7 +139,7 @@ jobs:
exit-code: '0'
-
name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
if: always()
if: ${{ matrix.value }} == 'linux/amd64'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
35 changes: 31 additions & 4 deletions .github/workflows/dirinit-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,17 +13,43 @@ on:
repository_dispatch:

jobs:
setup:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.matrix.outputs.value }}
steps:
-
name: Cancel previous run in progress
id: cancel-previous-runs
uses: styfle/[email protected]
with:
ignore_sha: true
all_but_latest: true
access_token: ${{ secrets.GITHUB_TOKEN }}
-
name: Enumerate platforms
id: matrix
run: |
echo "value=[\"linux/amd64\", \"linux/arm64\"]" >> $GITHUB_OUTPUT
-
run: |
echo "${{ steps.matrix.outputs.value }}"
docker:
needs: [ setup ]
runs-on: ubuntu-22.04
permissions:
actions: write
packages: write
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
value: ${{fromJSON(needs.setup.outputs.matrix)}}
steps:
-
name: Cancel previous run in progress
uses: styfle/[email protected].0
uses: styfle/[email protected].1
with:
ignore_sha: true
all_but_latest: true
Expand Down Expand Up @@ -81,10 +107,11 @@ jobs:
BUILD_DATE=${{ steps.generate_build_timestamp.outputs.btimestamp }}
VCS_REVISION=${{ steps.extract_commit_sha.outputs.sha }}
push: true
platforms: linux/amd64,linux/arm64
platforms: ${{ matrix.value }}
tags: ghcr.io/${{ github.repository_owner }}/malcolm/dirinit:${{ steps.extract_branch.outputs.branch }}
-
name: Run Trivy vulnerability scanner
if: ${{ matrix.value }} == 'linux/amd64'
id: trivy-scan
uses: aquasecurity/trivy-action@master
with:
Expand All @@ -100,7 +127,7 @@ jobs:
exit-code: '0'
-
name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
if: always()
if: ${{ matrix.value }} == 'linux/amd64'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
35 changes: 31 additions & 4 deletions .github/workflows/file-monitor-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,17 +23,43 @@ on:
repository_dispatch:

jobs:
setup:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.matrix.outputs.value }}
steps:
-
name: Cancel previous run in progress
id: cancel-previous-runs
uses: styfle/[email protected]
with:
ignore_sha: true
all_but_latest: true
access_token: ${{ secrets.GITHUB_TOKEN }}
-
name: Enumerate platforms
id: matrix
run: |
echo "value=[\"linux/amd64\", \"linux/arm64\"]" >> $GITHUB_OUTPUT
-
run: |
echo "${{ steps.matrix.outputs.value }}"
docker:
needs: [ setup ]
runs-on: ubuntu-22.04
permissions:
actions: write
packages: write
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
value: ${{fromJSON(needs.setup.outputs.matrix)}}
steps:
-
name: Cancel previous run in progress
uses: styfle/[email protected].0
uses: styfle/[email protected].1
with:
ignore_sha: true
all_but_latest: true
Expand Down Expand Up @@ -91,10 +117,11 @@ jobs:
BUILD_DATE=${{ steps.generate_build_timestamp.outputs.btimestamp }}
VCS_REVISION=${{ steps.extract_commit_sha.outputs.sha }}
push: true
platforms: linux/amd64,linux/arm64
platforms: ${{ matrix.value }}
tags: ghcr.io/${{ github.repository_owner }}/malcolm/file-monitor:${{ steps.extract_branch.outputs.branch }}
-
name: Run Trivy vulnerability scanner
if: ${{ matrix.value }} == 'linux/amd64'
id: trivy-scan
uses: aquasecurity/trivy-action@master
with:
Expand All @@ -110,7 +137,7 @@ jobs:
exit-code: '0'
-
name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
if: always()
if: ${{ matrix.value }} == 'linux/amd64'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
Loading

0 comments on commit 631874d

Please sign in to comment.