diff --git a/.github/workflows/build-node.yml b/.github/workflows/build-node.yml index 68b93af..ade3e54 100644 --- a/.github/workflows/build-node.yml +++ b/.github/workflows/build-node.yml @@ -13,28 +13,28 @@ on: required: true jobs: - build-node-image: + build-node-18-image: uses: ./.github/workflows/build-image.yml with: image_path: containers/node image_name: node-pipeline image_tag: "18" + build_args: | + NODE_VERSION=v18.18.2 + NODE_CHECKSUM=75aba25ae76999309fc6c598efe56ce53fbfc221381a44a840864276264ab8ac + NODE_CHECKSUM_ARM=2e630e18548627f61eaf573233da7949dc0a1df5eef3f486fa9820c5f6c121aa secrets: DOCKER_USERNAME: ${{ secrets.BOT_DOCKER_USERNAME }} DOCKER_TOKEN: ${{ secrets.BOT_DOCKER_TOKEN }} GH_USERNAME: ${{ secrets.BOT_USER }} GH_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} - build-node-20-image: + build-node-image: uses: ./.github/workflows/build-image.yml with: image_path: containers/node image_name: node-pipeline image_tag: "20" - build_args: | - NODE_VERSION=v20.8.0 - NODE_CHECKSUM=66056a2acc368db142b8a9258d0539e18538ae832b3ccb316671b0d35cb7c72c - NODE_CHECKSUM_ARM=ec2d98894d58d07260e61e6a70b88cabea98292f0b2801cbeebd864d242e1087 secrets: DOCKER_USERNAME: ${{ secrets.BOT_DOCKER_USERNAME }} DOCKER_TOKEN: ${{ secrets.BOT_DOCKER_TOKEN }} diff --git a/containers/base/Dockerfile b/containers/base/Dockerfile index da91ad4..ae4af9e 100644 --- a/containers/base/Dockerfile +++ b/containers/base/Dockerfile @@ -7,9 +7,9 @@ ARG COSIGN_VERSION=v2.2.0 ARG COSIGN_CHECKSUM=5e4791fb7a5efaaa98da651534789ec985ce8ac9c31910a810fc249f86ba2ef9 ARG COSIGN_CHECKSUM_ARM=5adbb7b1d38ac19a15c6bd9a61725baa16f61e23611534eb5e6d377dc024e102 -ARG SYFT_VERSION=0.93.0 -ARG SYFT_CHECKSUM=5fb0eb70c0f618e9a8b93d68b59da4b5758164b1aacc062e2150341baf7acc73 -ARG SYFT_CHECKSUM_ARM=f2f8889305350ee3a53a012246acfa10b59b7aee67e9b6a2e811f05b67f74588 +ARG SYFT_VERSION=0.94.0 +ARG SYFT_CHECKSUM=a18f10ba6add219b2680687450869db3c6a8b71e68ca6ae3925f9e53964cacbd +ARG SYFT_CHECKSUM_ARM=7a6dc03e02565e1008d93c6083181b1699cde3da15ab975e21ef7ae7c3e5caa1 ARG DEBIAN_FRONTEND=noninteractive diff --git a/containers/docker/docker_helpers.sh b/containers/docker/docker_helpers.sh index c37407f..baeda2d 100755 --- a/containers/docker/docker_helpers.sh +++ b/containers/docker/docker_helpers.sh @@ -10,6 +10,22 @@ docker_login() { echo "${password}" | docker login --username "${username}" --password-stdin "${server}" } +docker_build() { + local CONTEXT_PATH="${1}" + local FILE_PATH="${2}" + local OUTPUT="${3}" + local PLATFORMS="${4}" + local IMAGE_TAG="${5}" + local COMMIT_SHA="${6}" + local VERSION="${7}" + local ADDITIONAL_FLAGS="${8}" + + IFS=$'\n' + docker buildx build "${CONTEXT_PATH}" --file="${FILE_PATH}" --output="${OUTPUT}" --platform="${PLATFORMS}" \ + --tag="${IMAGE_TAG}" --build-arg="COMMIT_SHA=${COMMIT_SHA}" --build-arg="VERSION=${VERSION}" \ + --provenance="false" ${ADDITIONAL_FLAGS} +} + docker_retag_image() { local image_to_retag="${1}" local retagged_image="${2}" @@ -37,10 +53,6 @@ docker_create_sbom_and_sign_image() { fi } -docker_clean_tag() { - echo "${1}" | perl -pe 's/^v(?P(?:0|[1-9]\d*)\.(?:0|[1-9]\d*)\.(?:0|[1-9]\d*)(?:-(?:(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+(?:[0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)$/$+{semver}/' -} - setup_docker_context() { # to avoid weird situation where the context or builder are not # properly deleted between runs we ensure to clean them up diff --git a/containers/go/Dockerfile b/containers/go/Dockerfile index b83c9d5..3859a60 100644 --- a/containers/go/Dockerfile +++ b/containers/go/Dockerfile @@ -8,9 +8,9 @@ ARG DEBIAN_FRONTEND=noninteractive ARG GO_VERSION=1.21.3 ARG GO_CHECKSUM=1241381b2843fae5a9707eec1f8fb2ef94d827990582c7c7c32f5bdfbfd420c8 ARG GO_CHECKSUM_ARM=fc90fa48ae97ba6368eecb914343590bbb61b388089510d0c56c2dde52987ef3 -ARG GOLANGCI_VERSION=1.54.2 -ARG LINT_CHECKSUM=17c9ca05253efe833d47f38caf670aad2202b5e6515879a99873fabd4c7452b3 -ARG LINT_CHECKSUM_ARM=a9f14b33473c65fcfbf411ec054b53a87dbb849f4e09ee438f1ee76dbf3f3d4e +ARG GOLANGCI_VERSION=1.55.1 +ARG LINT_CHECKSUM=cef6f21add7326e159822b779d366bed15eb741e686b0429c3e5e04fe77998ef +ARG LINT_CHECKSUM_ARM=e60932eaa35e5965dae3d70fd9a046027f181ee0914378db16bcfa7256f5e213 ARG GORELEASER_VERSION=v1.21.2 ARG GORELEASER_CHECKSUM=b669dbe65c3eeb99ce9a014d4115c6050cd100edc1e74c1569b1df6b175e5d0f ARG GORELEASER_CHECKSUM_ARM=1f762e7aada4c5a6634be1a72cf89d763cad2e213b1394eb046cc0c3854533bd diff --git a/containers/node/Dockerfile b/containers/node/Dockerfile index 5cbbd92..1b385d8 100644 --- a/containers/node/Dockerfile +++ b/containers/node/Dockerfile @@ -3,9 +3,9 @@ FROM ghcr.io/mia-platform/base-pipeline:1 ARG TARGETARCH -ARG NODE_VERSION=v18.18.1 -ARG NODE_CHECKSUM=1db684d7da5fec4ae335ac5d8049a10a8bf30bad9e1d0aa9dcd92baa1f90c6e5 -ARG NODE_CHECKSUM_ARM=753f90c57173948d06e750a01c49466c3af532e915abead90fd07507daa98ff1 +ARG NODE_VERSION=v20.9.0 +ARG NODE_CHECKSUM=9033989810bf86220ae46b1381bdcdc6c83a0294869ba2ad39e1061f1e69217a +ARG NODE_CHECKSUM_ARM=ced3ecece4b7c3a664bca3d9e34a0e3b9a31078525283a6fdb7ea2de8ca5683b ARG DEBIAN_FRONTEND=noninteractive RUN case "${TARGETARCH}" in \ diff --git a/containers/sysdig/Dockerfile b/containers/sysdig/Dockerfile index 8ab294f..92f7873 100644 --- a/containers/sysdig/Dockerfile +++ b/containers/sysdig/Dockerfile @@ -5,9 +5,9 @@ ARG TARGETARCH ARG DOCKER_VERSION=24.0.6 -ARG SYSDIG_SCANNER_VERSION=1.5.2 -ARG SYSDIG_SCANNER_CHECKSUM=95b64c1203237ce772a476187f8039d36786f9801ba6fe47b62f5e4375dccbe8 -ARG SYSDIG_SCANNER_CHECKSUM_ARM=17b7f9cb6ed43ee4983879b10bb47884a9efe5f119af0c169fb7e97558cb30a2 +ARG SYSDIG_SCANNER_VERSION=1.6.1 +ARG SYSDIG_SCANNER_CHECKSUM=e94d9b10a04f98bd1821c5c51f975c804a894a9dd73017d9e8f6d912f7be297d +ARG SYSDIG_SCANNER_CHECKSUM_ARM=a66931454e87f44d8b85058c989efae178a8374ad5764777c3222f3d68e00347 # install docker RUN arch="$(uname -m)"; \