Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-08-07 14:55:27 +02:00
Code Issues Releases Activity

chore(binaries): upgrade binaries [EE-6253] (#10529)

Browse source
This commit is contained in:
Matt Hook 2023-10-27 15:40:06 +13:00 committed by GitHub
parent 30e4b3e68c
commit 8ee718f808
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 167 additions and 195 deletions
Download patch file Download diff file Expand all files Collapse all files

60
.github/workflows/ci.yaml vendored
View file

@ -4,20 +4,20 @@ on:
workflow_dispatch:
push:
branches:
- "develop"
- "!release/*"
- 'develop'
- '!release/*'
pull_request:
branches:
- "develop"
- "release/*"
- "feat/*"
- "fix/*"
- "refactor/*"
- 'develop'
- 'release/*'
- 'feat/*'
- 'fix/*'
- 'refactor/*'
env:
DOCKER_HUB_REPO: portainerci/portainer
NODE_ENV: testing
GO_VERSION: 1.21.0
GO_VERSION: 1.21.3
NODE_VERSION: 18.x
jobs:
@ -31,22 +31,22 @@ jobs:
- { platform: windows, arch: amd64, version: ltsc2022 }
runs-on: arc-runner-set
steps:
- name: "[preparation] checkout the current branch"
- name: '[preparation] checkout the current branch'
uses: actions/checkout@v3.5.3
with:
ref: ${{ github.event.inputs.branch }}
- name: "[preparation] set up golang"
- name: '[preparation] set up golang'
uses: actions/setup-go@v4.0.1
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: "[preparation] cache paths"
- name: '[preparation] cache paths'
id: cache-dir-path
run: |
echo "yarn-cache-dir=$(yarn cache dir)" >> "$GITHUB_OUTPUT"
echo "go-build-dir=$(go env GOCACHE)" >> "$GITHUB_OUTPUT"
echo "go-mod-dir=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT"
- name: "[preparation] cache go"
- name: '[preparation] cache go'
uses: actions/cache@v3
with:
path: |
@ -56,12 +56,12 @@ jobs:
restore-keys: |
${{ matrix.config.platform }}-${{ matrix.config.arch }}-go-
enableCrossOsArchive: true
- name: "[preparation] set up node.js"
- name: '[preparation] set up node.js'
uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
cache: ''
- name: "[preparation] cache yarn"
- name: '[preparation] cache yarn'
uses: actions/cache@v3
with:
path: |
@ -71,35 +71,35 @@ jobs:
restore-keys: |
${{ matrix.config.platform }}-${{ matrix.config.arch }}-yarn-
enableCrossOsArchive: true
- name: "[preparation] set up qemu"
- name: '[preparation] set up qemu'
uses: docker/setup-qemu-action@v2
- name: "[preparation] set up docker context for buildx"
- name: '[preparation] set up docker context for buildx'
run: docker context create builders
- name: "[preparation] set up docker buildx"
- name: '[preparation] set up docker buildx'
uses: docker/setup-buildx-action@v2
with:
endpoint: builders
- name: "[preparation] docker login"
- name: '[preparation] docker login'
uses: docker/login-action@v2.2.0
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- name: "[preparation] set the container image tag"
- name: '[preparation] set the container image tag'
run: |
if [ "${GITHUB_EVENT_NAME}" == "pull_request" ]; then
CONTAINER_IMAGE_TAG="pr${{ github.event.number }}"
else
CONTAINER_IMAGE_TAG=$(echo $GITHUB_REF_NAME | sed 's/\//-/g')
fi
if [ "${{ matrix.config.platform }}" == "windows" ]; then
CONTAINER_IMAGE_TAG="${CONTAINER_IMAGE_TAG}-${{ matrix.config.platform }}${{ matrix.config.version }}-${{ matrix.config.arch }}"
else
CONTAINER_IMAGE_TAG="${CONTAINER_IMAGE_TAG}-${{ matrix.config.platform }}-${{ matrix.config.arch }}"
fi
echo "CONTAINER_IMAGE_TAG=${CONTAINER_IMAGE_TAG}" >> $GITHUB_ENV
- name: "[execution] build linux & windows portainer binaries"
- name: '[execution] build linux & windows portainer binaries'
run: |
export YARN_VERSION=$(yarn --version)
export WEBPACK_VERSION=$(yarn list webpack --depth=0 | grep webpack | awk -F@ '{print $2}')
@ -107,8 +107,8 @@ jobs:
make build-all PLATFORM=${{ matrix.config.platform }} ARCH=${{ matrix.config.arch }} ENV=${NODE_ENV}
env:
CONTAINER_IMAGE_TAG: ${{ env.CONTAINER_IMAGE_TAG }}
- name: "[execution] build and push docker images"
run: |
- name: '[execution] build and push docker images'
run: |
if [ "${{ matrix.config.platform }}" == "windows" ]; then
mv dist/portainer dist/portainer.exe
docker buildx build --output=type=registry --platform ${{ matrix.config.platform }}/${{ matrix.config.arch }} --build-arg OSVERSION=${{ matrix.config.version }} -t "${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}" -f build/${{ matrix.config.platform }}/Dockerfile .
@ -122,27 +122,27 @@ jobs:
runs-on: arc-runner-set
needs: [build_images]
steps:
- name: "[preparation] docker login"
- name: '[preparation] docker login'
uses: docker/login-action@v2.2.0
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- name: "[preparation] set up docker context for buildx"
- name: '[preparation] set up docker context for buildx'
run: docker version && docker context create builders
- name: "[preparation] set up docker buildx"
- name: '[preparation] set up docker buildx'
uses: docker/setup-buildx-action@v2
with:
endpoint: builders
- name: "[execution] build and push manifests"
- name: '[execution] build and push manifests'
run: |
if [ "${GITHUB_EVENT_NAME}" == "pull_request" ]; then
CONTAINER_IMAGE_TAG="pr${{ github.event.number }}"
else
CONTAINER_IMAGE_TAG=$(echo $GITHUB_REF_NAME | sed 's/\//-/g')
fi
docker buildx imagetools create -t "${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}" \
"${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}-linux-amd64" \
"${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}-linux-arm64" \
"${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}-windows1809-amd64" \
"${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}-windowsltsc2022-amd64"
"${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}-windowsltsc2022-amd64"

5
.github/workflows/lint.yml vendored
View file

@ -12,6 +12,9 @@ on:
- develop
- release/*
env:
GO_VERSION: 1.21.3
jobs:
run-linters:
name: Run linters
@ -25,7 +28,7 @@ jobs:
cache: 'yarn'
- uses: actions/setup-go@v4
with:
go-version: 1.21.0
go-version: ${{ env.GO_VERSION }}
- run: yarn --frozen-lockfile
- name: Run linters
uses: wearerequired/lint-action@v1

19
.github/workflows/nightly-security-scan.yml vendored
View file

@ -5,6 +5,9 @@ on:
- cron: '0 20 * * *'
workflow_dispatch:
env:
GO_VERSION: 1.21.3
jobs:
client-dependencies:
name: Client Dependency Check
@ -25,7 +28,7 @@ jobs:
with:
json: true
- name: upload scan result as develop artifact
- name: upload scan result as develop artifact
uses: actions/upload-artifact@v3
with:
name: js-security-scan-develop-result
@ -41,7 +44,7 @@ jobs:
name: html-js-result-${{github.run_id}}
path: js-result.html
- name: analyse vulnerabilities
- name: analyse vulnerabilities
id: set-matrix
run: |
result=$(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:latest summary --report-type=snyk --path="/data/snyk.json" --output-type=matrix)
@ -58,10 +61,10 @@ jobs:
- name: checkout repository
uses: actions/checkout@master
- name: install Go
- name: install Go
uses: actions/setup-go@v3
with:
go-version: '1.21.0'
go-version: ${{ env.GO_VERSION }}
- name: download Go modules
run: cd ./api && go get -t -v -d ./...
@ -74,7 +77,7 @@ jobs:
yarn global add snyk
snyk test --file=./go.mod --json-file-output=snyk.json 2>/dev/null || :
- name: upload scan result as develop artifact
- name: upload scan result as develop artifact
uses: actions/upload-artifact@v3
with:
name: go-security-scan-develop-result
@ -104,7 +107,7 @@ jobs:
outputs:
image: ${{ steps.set-matrix.outputs.image_result }}
steps:
- name: scan vulnerabilities by Trivy
- name: scan vulnerabilities by Trivy
uses: docker://docker.io/aquasec/trivy:latest
continue-on-error: true
with:
@ -153,8 +156,8 @@ jobs:
echo "${{ matrix.go.summary }}"
echo "${{ matrix.image.summary }}"
- name: send message to Slack
if: >-
- name: send message to Slack
if: >-
matrix.js.status == 'failure' ||
matrix.go.status == 'failure' ||
matrix.image.status == 'failure'

14
.github/workflows/pr-security.yml vendored
View file

@ -14,6 +14,10 @@ on:
- 'build/windows/Dockerfile'
- '.github/workflows/pr-security.yml'
env:
GO_VERSION: 1.21.3
NODE_VERSION: 18.x
jobs:
client-dependencies:
name: Client Dependency Check
@ -84,7 +88,7 @@ jobs:
- name: install Go
uses: actions/setup-go@v3
with:
go-version: '1.21.0'
go-version: ${{ env.GO_VERSION }}
- name: download Go modules
run: cd ./api && go get -t -v -d ./...
@ -143,15 +147,15 @@ jobs:
- name: checkout code
uses: actions/checkout@master
- name: install Go 1.21.0
- name: install Go
uses: actions/setup-go@v3
with:
go-version: '1.21.0'
go-version: ${{ env.GO_VERSION }}
- name: install Node.js 18.x
- name: install Node.js
uses: actions/setup-node@v3
with:
node-version: 18.x
node-version: ${{ env.NODE_VERSION }}
- name: Install packages
run: yarn --frozen-lockfile

10
.github/workflows/test.yaml vendored
View file

@ -1,5 +1,11 @@
name: Test
on: push
env:
GO_VERSION: 1.21.3
NODE_VERSION: 18.x
jobs:
test-client:
runs-on: ubuntu-latest
@ -8,7 +14,7 @@ jobs:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '18'
node-version: ${{ env.NODE_VERSION }}
cache: 'yarn'
- run: yarn --frozen-lockfile
@ -27,6 +33,6 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: 1.21.0
go-version: ${{ env.GO_VERSION }}
- name: Run tests
run: make test-server

8
.github/workflows/validate-openapi-spec.yaml vendored
View file

@ -7,6 +7,10 @@ on:
- develop
- 'release/*'
env:
GO_VERSION: 1.21.3
NODE_VERSION: 18.x
jobs:
openapi-spec:
runs-on: ubuntu-latest
@ -15,13 +19,13 @@ jobs:
- uses: actions/setup-go@v3
with:
go-version: '1.21.0'
go-version: ${{ env.GO_VERSION }}
- name: Download golang modules
run: cd ./api && go get -t -v -d ./...
- uses: actions/setup-node@v3
with:
node-version: '18'
node-version: ${{ env.NODE_VERSION }}
cache: 'yarn'
- run: yarn --frozen-lockfile