-rw-r--r-- | .buildkite/pipeline.yml | 12 | ||||
-rw-r--r-- | .github/workflows/main.yml | 40 | ||||
-rw-r--r-- | .github/workflows/test.yml | 18 | ||||
-rw-r--r-- | .github/workflows/trivy.yml | 38 | ||||
-rw-r--r-- | Makefile | 6 |
5 files changed, 15 insertions, 99 deletions
diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml
new file mode 100644
index 0000000..e39a892
--- /dev/null
+++ b/.buildkite/pipeline.yml
@@ -0,0 +1,12 @@
+---
+steps:
+ - name: test
+ id: test
+ command: make docker-test
+
+ - name: push
+ branches: [master]
+ depends_on: [test]
+ command: |
+ make docker-push \
+ DOCKER_EXTRA_ARGS="-v ${HOME}/.docker:/root/.docker"
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
deleted file mode 100644
index a8a47ef..0000000
--- a/.github/workflows/main.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-
-name: Build
-on:
- push:
- branches: [ master ]
- schedule:
- - cron: '5 4 * * *'
- workflow_dispatch:
-
-jobs:
- build:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - run: |
- make docker-test
-
- push:
- runs-on: ubuntu-latest
- needs: [ build ]
- permissions:
- packages: write
- contents: read
- steps:
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
-
- - uses: docker/login-action@v1
- env:
- GITHUB_USER: ${{ github.actor }}
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- with:
- registry: ghcr.io
- username: $GITHUB_USER
- password: ${{ secrets.GITHUB_TOKEN }}
-
- - run: |
- make docker-push \
- DOCKER_EXTRA_ARGS="-v ${HOME}/.docker:/root/.docker"
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
deleted file mode 100644
index 63c8c1b..0000000
--- a/.github/workflows/test.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-
-name: Test
-
-on:
- push:
- branches: [ master ]
- pull_request:
- branches: [ master ]
- workflow_dispatch:
-
-jobs:
- build:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
-
- - run: |
- make docker-test
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
deleted file mode 100644
index ce25513..0000000
--- a/.github/workflows/trivy.yml
+++ /dev/null
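Review bot: The `push` step in .buildkite/pipeline.yml hands the agent's whole `${HOME}/.docker` to the build (presumably as a writable `docker run` bind mount; the `docker-push` target is not shown), and the pipeline has no login step, so it relies on long-lived registry credentials already stored on the agent. The deleted GitHub workflow instead logged in per job with `secrets.GITHUB_TOKEN` through docker/login-action. Everything run inside that container can read, and with a writable mount alter, every credential kept in that directory. Mount only what the push needs, for example `DOCKER_EXTRA_ARGS="-v ${HOME}/.docker/config.json:/root/.docker/config.json:ro"`, with a push-only token for the target repository; this assumes the credentials live in config.json rather than in a credential helper. Buildkite also interpolates `${HOME}` when the pipeline is uploaded, so write `$$HOME` if the path must come from the agent that runs the step.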
@@ -1,38 +0,0 @@ -name: Trivy - -on: - workflow_dispatch: - push: - branches: [ master ] - pull_request: - branches: [ master ] - schedule: - - cron: '28 15 * * 3' - -permissions: - contents: read - -jobs: - build: - permissions: - contents: read - security-events: write - runs-on: "ubuntu-18.04" - steps: - - uses: actions/checkout@v2 - - - run: | - docker build -t docker.io/my-organization/my-app:${{ github.sha }} . - - - uses: aquasecurity/trivy-action@2a2157eb22c08c9a1fac99263430307b8d1bc7a2 - with: - image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}' - format: 'template' - template: '@/contrib/sarif.tpl' - output: 'trivy-results.sarif' - severity: 'CRITICAL,HIGH' - ignore-unfixed: true - - - uses: github/codeql-action/upload-sarif@v1 - with: - sarif_file: 'trivy-results.sarif' @@ -3,7 +3,7 @@ LANGUAGETOOL_VERSION := 6.0 TRIVY_VERSION := 0.24.2 BUILDARG_VERSION := --build-arg VERSION=$(LANGUAGETOOL_VERSION) -IMAGENAME := ghcr.io/someone-stole-my-name/docker-languagetool +IMAGENAME := docker.io/chn2guevara/languagetool BUILDARG_PLATFORM := --platform linux/amd64,linux/arm64/v8 DOCKER_EXTRA_ARGS := @@ -36,7 +36,7 @@ ci-deps-trivy: ci-setup-buildx: docker run --privileged --rm tonistiigi/binfmt --install all - docker buildx create --name mybuilder + -docker buildx create --name mybuilder docker buildx use mybuilder ci-prepare: ci-deps ci-deps-docker ci-deps-trivy ci-setup-buildx @@ -47,7 +47,7 @@ build: ci-prepare push: ci-prepare docker buildx build $(BUILDARG_VERSION) $(BUILDARG_PLATFORM) -t $(IMAGENAME):latest . --push - docker buildx build $(BUILDARG_VERSION) $(BUILDARG_PLATFORM) -t $(IMAGENAME):$(shell git describe --tags --abbrev=0) . --push + -docker buildx build $(BUILDARG_VERSION) $(BUILDARG_PLATFORM) -t $(IMAGENAME):$(shell git describe --tags --abbrev=0) . --push trivy: trivy i \ |
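Review bot: The `-` prefix added to the versioned `docker buildx build ... --push` line in `push` makes make ignore every failure of that command, so the job can finish green after publishing only `:latest`. If `git describe --tags --abbrev=0` prints nothing (for instance when the agent's checkout has no tags; the deleted workflow set `fetch-depth: 0`), the reference becomes `$(IMAGENAME):` and the error is silently dropped, leaving version-pinned consumers on a stale image. Drop the prefix and guard the tag explicitly, e.g. a preceding recipe line `@test -n "$(shell git describe --tags --abbrev=0 2>/dev/null)" || { echo "no git tag found" >&2; exit 1; }`. The same prefix on `docker buildx create --name mybuilder` in `ci-setup-buildx` also hides errors other than an already existing builder; `docker buildx inspect mybuilder >/dev/null 2>&1 || docker buildx create --name mybuilder` keeps those visible. Both targets continue outside their hunks.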