diff --git a/.github/workflows/jenkins-agent-ansible-pr.yaml b/.github/workflows/jenkins-agent-ansible-pr.yaml index 0e7ac2d5c..2857a9e49 100644 --- a/.github/workflows/jenkins-agent-ansible-pr.yaml +++ b/.github/workflows/jenkins-agent-ansible-pr.yaml @@ -23,6 +23,13 @@ jobs: dockerfile: ${{ env.context }}/Dockerfile ignore: DL3041 + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-ansible-publish.yaml b/.github/workflows/jenkins-agent-ansible-publish.yaml new file mode 100644 index 000000000..48a1185fd --- /dev/null +++ b/.github/workflows/jenkins-agent-ansible-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-ansible-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-ansible/version.json + - .github/workflows/jenkins-agent-ansible-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-ansible + image_name: jenkins-agent-ansible + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-arachni-pr.yaml b/.github/workflows/jenkins-agent-arachni-pr.yaml index bc88b8372..40e9bff7b 100644 --- a/.github/workflows/jenkins-agent-arachni-pr.yaml +++ b/.github/workflows/jenkins-agent-arachni-pr.yaml @@ -22,6 +22,13 @@ jobs: with: dockerfile: ${{ env.context }}/Dockerfile + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-arachni-publish.yaml b/.github/workflows/jenkins-agent-arachni-publish.yaml new file mode 100644 index 000000000..3ba9e9900 --- /dev/null +++ b/.github/workflows/jenkins-agent-arachni-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-arachni-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-arachni/version.json + - .github/workflows/jenkins-agent-arachni-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-arachni + image_name: jenkins-agent-arachni + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-argocd-pr.yaml b/.github/workflows/jenkins-agent-argocd-pr.yaml index f8d52d30c..dcc79afea 100644 --- a/.github/workflows/jenkins-agent-argocd-pr.yaml +++ b/.github/workflows/jenkins-agent-argocd-pr.yaml @@ -22,6 +22,13 @@ jobs: with: dockerfile: ${{ env.context }}/Dockerfile + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-argocd-publish.yaml b/.github/workflows/jenkins-agent-argocd-publish.yaml new file mode 100644 index 000000000..0e0a0e29c --- /dev/null +++ b/.github/workflows/jenkins-agent-argocd-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-argocd-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-argocd/version.json + - .github/workflows/jenkins-agent-argocd-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-argocd + image_name: jenkins-agent-argocd + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-conftest-pr.yaml b/.github/workflows/jenkins-agent-conftest-pr.yaml index 39c589f00..f4b60ac31 100644 --- a/.github/workflows/jenkins-agent-conftest-pr.yaml +++ b/.github/workflows/jenkins-agent-conftest-pr.yaml @@ -18,6 +18,17 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-conftest-publish.yaml b/.github/workflows/jenkins-agent-conftest-publish.yaml new file mode 100644 index 000000000..171e125c9 --- /dev/null +++ b/.github/workflows/jenkins-agent-conftest-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-conftest-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-conftest/version.json + - .github/workflows/jenkins-agent-conftest-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-conftest + image_name: jenkins-agent-conftest + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-cosign-pr.yaml b/.github/workflows/jenkins-agent-cosign-pr.yaml index a4b978572..8190267cd 100644 --- a/.github/workflows/jenkins-agent-cosign-pr.yaml +++ b/.github/workflows/jenkins-agent-cosign-pr.yaml @@ -22,6 +22,13 @@ jobs: with: dockerfile: ${{ env.context }}/Dockerfile + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-cosign-publish.yaml b/.github/workflows/jenkins-agent-cosign-publish.yaml new file mode 100644 index 000000000..57e2e6c92 --- /dev/null +++ b/.github/workflows/jenkins-agent-cosign-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-cosign-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-cosign/version.json + - .github/workflows/jenkins-agent-cosign-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-cosign + image_name: jenkins-agent-cosign + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-erlang-pr.yaml b/.github/workflows/jenkins-agent-erlang-pr.yaml index 96f397b46..34d0ce7c6 100644 --- a/.github/workflows/jenkins-agent-erlang-pr.yaml +++ b/.github/workflows/jenkins-agent-erlang-pr.yaml @@ -22,6 +22,13 @@ jobs: with: dockerfile: ${{ env.context }}/Dockerfile + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-erlang-publish.yaml b/.github/workflows/jenkins-agent-erlang-publish.yaml new file mode 100644 index 000000000..94dcde1b4 --- /dev/null +++ b/.github/workflows/jenkins-agent-erlang-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-erlang-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-erlang/version.json + - .github/workflows/jenkins-agent-erlang-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-erlang + image_name: jenkins-agent-erlang + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-golang-pr.yaml b/.github/workflows/jenkins-agent-golang-pr.yaml index 0619a0685..c87b2eb33 100644 --- a/.github/workflows/jenkins-agent-golang-pr.yaml +++ b/.github/workflows/jenkins-agent-golang-pr.yaml @@ -23,6 +23,13 @@ jobs: dockerfile: ${{ env.context }}/Dockerfile ignore: DL3041 + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-golang-publish.yaml b/.github/workflows/jenkins-agent-golang-publish.yaml new file mode 100644 index 000000000..28feb882b --- /dev/null +++ b/.github/workflows/jenkins-agent-golang-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-golang-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-golang/version.json + - .github/workflows/jenkins-agent-golang-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-golang + image_name: jenkins-agent-golang + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-graalvm-pr.yaml b/.github/workflows/jenkins-agent-graalvm-pr.yaml index 925ae907a..6684fe754 100644 --- a/.github/workflows/jenkins-agent-graalvm-pr.yaml +++ b/.github/workflows/jenkins-agent-graalvm-pr.yaml @@ -18,6 +18,18 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-graalvm-publish.yaml b/.github/workflows/jenkins-agent-graalvm-publish.yaml new file mode 100644 index 000000000..f4212ac2d --- /dev/null +++ b/.github/workflows/jenkins-agent-graalvm-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-graalvm-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-graalvm/version.json + - .github/workflows/jenkins-agent-graalvm-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-graalvm + image_name: jenkins-agent-graalvm + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-gradle-pr.yaml b/.github/workflows/jenkins-agent-gradle-pr.yaml index 456ebefd8..c3224ff6e 100644 --- a/.github/workflows/jenkins-agent-gradle-pr.yaml +++ b/.github/workflows/jenkins-agent-gradle-pr.yaml @@ -23,6 +23,13 @@ jobs: dockerfile: ${{ env.context }}/Dockerfile ignore: DL3041 + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-gradle-publish.yaml b/.github/workflows/jenkins-agent-gradle-publish.yaml new file mode 100644 index 000000000..ddd945292 --- /dev/null +++ b/.github/workflows/jenkins-agent-gradle-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-gradle-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-gradle/version.json + - .github/workflows/jenkins-agent-gradle-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-gradle + image_name: jenkins-agent-gradle + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-helm-pr.yaml b/.github/workflows/jenkins-agent-helm-pr.yaml index 7a55d5b0f..9b0daeeeb 100644 --- a/.github/workflows/jenkins-agent-helm-pr.yaml +++ b/.github/workflows/jenkins-agent-helm-pr.yaml @@ -18,6 +18,17 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-helm-publish.yaml b/.github/workflows/jenkins-agent-helm-publish.yaml new file mode 100644 index 000000000..a59f93a58 --- /dev/null +++ b/.github/workflows/jenkins-agent-helm-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-helm-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-helm/version.json + - .github/workflows/jenkins-agent-helm-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-helm + image_name: jenkins-agent-helm + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-hugo-pr.yaml b/.github/workflows/jenkins-agent-hugo-pr.yaml index 596f7461f..0a7cfb907 100644 --- a/.github/workflows/jenkins-agent-hugo-pr.yaml +++ b/.github/workflows/jenkins-agent-hugo-pr.yaml @@ -22,6 +22,13 @@ jobs: with: dockerfile: ${{ env.context }}/Dockerfile + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-hugo-publish.yaml b/.github/workflows/jenkins-agent-hugo-publish.yaml new file mode 100644 index 000000000..ced968213 --- /dev/null +++ b/.github/workflows/jenkins-agent-hugo-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-hugo-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-hugo/version.json + - .github/workflows/jenkins-agent-hugo-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-hugo + image_name: jenkins-agent-hugo + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-image-mgmt-pr.yaml b/.github/workflows/jenkins-agent-image-mgmt-pr.yaml index 3ca61577b..42e708cf5 100644 --- a/.github/workflows/jenkins-agent-image-mgmt-pr.yaml +++ b/.github/workflows/jenkins-agent-image-mgmt-pr.yaml @@ -27,6 +27,13 @@ jobs: with: dockerfile: ${{ env.context }}/Dockerfile + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-mongodb-pr.yaml b/.github/workflows/jenkins-agent-mongodb-pr.yaml index e4bc8c3c5..4238e77a1 100644 --- a/.github/workflows/jenkins-agent-mongodb-pr.yaml +++ b/.github/workflows/jenkins-agent-mongodb-pr.yaml @@ -22,6 +22,13 @@ jobs: with: dockerfile: ${{ env.context }}/Dockerfile + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-mongodb-publish.yaml b/.github/workflows/jenkins-agent-mongodb-publish.yaml new file mode 100644 index 000000000..ebe76009c --- /dev/null +++ b/.github/workflows/jenkins-agent-mongodb-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-mongodb-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-mongodb/version.json + - .github/workflows/jenkins-agent-mongodb-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-mongodb + image_name: jenkins-agent-mongodb + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/.github/workflows/jenkins-agent-mvn-pr.yaml b/.github/workflows/jenkins-agent-mvn-pr.yaml index 02bfa2236..4def7292f 100644 --- a/.github/workflows/jenkins-agent-mvn-pr.yaml +++ b/.github/workflows/jenkins-agent-mvn-pr.yaml @@ -23,6 +23,13 @@ jobs: dockerfile: ${{ env.context }}/Dockerfile ignore: DL3041 + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-npm-pr.yaml b/.github/workflows/jenkins-agent-npm-pr.yaml index eafd0d008..8528d0725 100644 --- a/.github/workflows/jenkins-agent-npm-pr.yaml +++ b/.github/workflows/jenkins-agent-npm-pr.yaml @@ -23,6 +23,13 @@ jobs: dockerfile: ${{ env.context }}/Dockerfile ignore: DL3041 + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-npm-publish.yaml b/.github/workflows/jenkins-agent-npm-publish.yaml new file mode 100644 index 000000000..4b8e49932 --- /dev/null +++ b/.github/workflows/jenkins-agent-npm-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-npm-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-npm/version.json + - .github/workflows/jenkins-agent-npm-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-npm + image_name: jenkins-agent-npm + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} diff --git a/.github/workflows/jenkins-agent-pr.yaml b/.github/workflows/jenkins-agent-pr.yaml index ffb8adc1d..33e4b506d 100644 --- a/.github/workflows/jenkins-agent-pr.yaml +++ b/.github/workflows/jenkins-agent-pr.yaml @@ -28,6 +28,13 @@ jobs: with: dockerfile: ${{ env.context }}/Dockerfile + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-python-pr.yaml b/.github/workflows/jenkins-agent-python-pr.yaml index 572c792e5..5c582a302 100644 --- a/.github/workflows/jenkins-agent-python-pr.yaml +++ b/.github/workflows/jenkins-agent-python-pr.yaml @@ -40,6 +40,13 @@ jobs: dockerfile: ${{ env.context }}/Dockerfile ignore: DL3041 + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-ruby-pr.yaml b/.github/workflows/jenkins-agent-ruby-pr.yaml index 0dd9a135d..4f6557e1c 100644 --- a/.github/workflows/jenkins-agent-ruby-pr.yaml +++ b/.github/workflows/jenkins-agent-ruby-pr.yaml @@ -23,6 +23,13 @@ jobs: dockerfile: ${{ env.context }}/Dockerfile ignore: DL3041 + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-ruby-publish.yaml b/.github/workflows/jenkins-agent-ruby-publish.yaml new file mode 100644 index 000000000..e30723fbb --- /dev/null +++ b/.github/workflows/jenkins-agent-ruby-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-ruby-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-ruby/version.json + - .github/workflows/jenkins-agent-ruby-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-ruby + image_name: jenkins-agent-ruby + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} diff --git a/.github/workflows/jenkins-agent-rust-pr.yaml b/.github/workflows/jenkins-agent-rust-pr.yaml index 73e3fdaf6..dbd6c4cb0 100644 --- a/.github/workflows/jenkins-agent-rust-pr.yaml +++ b/.github/workflows/jenkins-agent-rust-pr.yaml @@ -23,6 +23,13 @@ jobs: dockerfile: ${{ env.context }}/Dockerfile ignore: DL3041 + - name: Log into ghcr.io + uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1 + with: + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-rust-publish.yaml b/.github/workflows/jenkins-agent-rust-publish.yaml new file mode 100644 index 000000000..b90754de9 --- /dev/null +++ b/.github/workflows/jenkins-agent-rust-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-rust-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-rust/version.json + - .github/workflows/jenkins-agent-rust-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-rust + image_name: jenkins-agent-rust + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} diff --git a/jenkins-agents/jenkins-agent-ansible/version.json b/jenkins-agents/jenkins-agent-ansible/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-ansible/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-arachni/version.json b/jenkins-agents/jenkins-agent-arachni/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-arachni/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-argocd/version.json b/jenkins-agents/jenkins-agent-argocd/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-argocd/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-conftest/Dockerfile b/jenkins-agents/jenkins-agent-conftest/Dockerfile index 6c6118bb6..152205f42 100644 --- a/jenkins-agents/jenkins-agent-conftest/Dockerfile +++ b/jenkins-agents/jenkins-agent-conftest/Dockerfile @@ -1,20 +1,40 @@ -FROM quay.io/redhat-cop/jenkins-agent-python:v1.2@sha256:fad872a01fb7013d782b1dccb5c46de38c8e853c158bb42b87db7696d6dbb012 -# ^ needed to install the python yq library 🐍 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder + +SHELL ["/bin/bash", "-c"] -# renovate: datasource=github-releases depName=bats-core/bats-core -ARG BATS_VERSION=v1.10.0 -# renovate: datasource=pypi depName=yq -ARG YQ_VERSION=3.2.3 # renovate: datasource=github-releases depName=open-policy-agent/conftest ARG CONFTEST_VERSION=v0.47.0 +RUN curl -L "https://github.com/open-policy-agent/conftest/releases/download/${CONFTEST_VERSION}/conftest_${CONFTEST_VERSION//v}_Linux_x86_64.tar.gz" -o /tmp/conftest.tar.gz && \ + tar -xzf /tmp/conftest.tar.gz && \ + mv conftest /usr/local/bin/conftest && \ + conftest --version + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent-python:v4.14 + +LABEL name="redhat-cop/jenkins-agent-conftest" \ + io.k8s.display-name="Jenkins Agent Conftest" \ + io.k8s.description="The jenkins agent conftest." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-conftest" + +SHELL ["/bin/bash", "-c"] + +# renovate: datasource=github-releases depName=bats-core/bats-core +ARG BATS_VERSION=v1.10.0 USER root -RUN curl --fail -sL https://github.com/open-policy-agent/conftest/releases/download/${CONFTEST_VERSION}/conftest_${CONFTEST_VERSION//v}_Linux_x86_64.tar.gz | tar zxf - -C /usr/local/bin conftest && \ - curl --fail -sL https://github.com/bats-core/bats-core/archive/${BATS_VERSION}.tar.gz | tar zxf - -C /tmp && \ - ./tmp/bats-core-${BATS_VERSION//v}/install.sh /usr/local && \ - echo "na na na na na na na na na 🦇👨‍🦰" && \ - rm -rf /tmp/bats* && \ - pip install yq==${YQ_VERSION} +COPY --from=builder /usr/local/bin/conftest /usr/local/bin/conftest + +COPY requirements.txt /requirements.txt +RUN pip3.11 install --no-cache-dir -r /requirements.txt && \ + curl -L "https://github.com/bats-core/bats-core/archive/${BATS_VERSION}.tar.gz" -o /tmp/bats.tar.gz && \ + tar -C /tmp -xzf /tmp/bats.tar.gz && \ + "/tmp/bats-core-${BATS_VERSION//v}/install.sh" /usr/local USER 1001 + +RUN yq --version && \ + bats --version && \ + conftest --version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-conftest/requirements.txt b/jenkins-agents/jenkins-agent-conftest/requirements.txt new file mode 100644 index 000000000..297244a3b --- /dev/null +++ b/jenkins-agents/jenkins-agent-conftest/requirements.txt @@ -0,0 +1 @@ +yq==3.2.3 \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-conftest/version.json b/jenkins-agents/jenkins-agent-conftest/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-conftest/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-cosign/version.json b/jenkins-agents/jenkins-agent-cosign/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-cosign/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-erlang/version.json b/jenkins-agents/jenkins-agent-erlang/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-erlang/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-golang/version.json b/jenkins-agents/jenkins-agent-golang/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-golang/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-graalvm/Dockerfile b/jenkins-agents/jenkins-agent-graalvm/Dockerfile index 1d053a681..235d93eff 100644 --- a/jenkins-agents/jenkins-agent-graalvm/Dockerfile +++ b/jenkins-agents/jenkins-agent-graalvm/Dockerfile @@ -1,41 +1,58 @@ -FROM quay.io/openshift/origin-jenkins-agent-maven:4.14@sha256:4a8671c25216b1b44bf47a363ec37d503568fa2f75ef1a010e2284ac1cc5df46 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder -ARG GRAAL_VERSION=20.3.3.0-Final -ENV GRAALVM_HOME=/opt/mandrelJDK -ENV GRAAL_CE_URL=https://github.com/graalvm/mandrel/releases/download/mandrel-${GRAAL_VERSION}/mandrel-java11-linux-amd64-${GRAAL_VERSION}.tar.gz -# renovate: datasource=github-releases depName=helm/helm -ARG HELM_VERSION=v3.6.3 +SHELL ["/bin/bash", "-c"] + +# renovate: datasource=github-releases depName=graalvm/mandrel +ARG GRAAL_VERSION=mandrel-21.3.4.0-Final # renovate: datasource=github-releases depName=stedolan/jq ARG JQ_VERSION=1.6 -# renovate: datasource=repology depName=homebrew/openshift-cli -ARG OC_VERSION=4.14.5 # renovate: datasource=github-releases depName=mikefarah/yq ARG YQ_VERSION=v4.40.5 +# renovate: datasource=github-releases depName=helm/helm +ARG HELM_VERSION=v3.13.3 -ADD settings.xml $HOME/.m2/settings.xml -ADD ubi8.repo /tmp/ubi8.repo +RUN curl -L "https://github.com/graalvm/mandrel/releases/download/${GRAAL_VERSION}/mandrel-java11-linux-amd64-${GRAAL_VERSION//mandrel-}.tar.gz" -o mandrel-java11.tar.gz && \ + tar -xzf mandrel-java11.tar.gz && \ + mv "mandrel-java11-${GRAAL_VERSION//mandrel-}" /opt/mandrel-java11 -USER root -RUN rm -f /etc/yum.repos.d/*.repo && \ - mv /tmp/ubi8.repo /etc/yum.repos.d/ubi8.repo && \ - dnf -y update --allowerasing && \ - dnf install -y gcc gcc-c++ glibc-static glibc-devel zlib-devel && \ - ### tools - mkdir -p ${GRAALVM_HOME} && \ - cd ${GRAALVM_HOME} && \ - curl -fsSL $GRAAL_CE_URL | tar -xzC ${GRAALVM_HOME} --strip-components=1 && \ - curl -Lo /usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && \ +RUN curl -L "https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64" -o /usr/local/bin/jq && \ chmod +x /usr/local/bin/jq && \ - curl -L https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar --strip-components=1 -C /usr/local/bin -xzf - linux-amd64/helm && \ - curl -Lo /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 && \ + jq --version + +RUN curl -L "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" -o /usr/local/bin/yq && \ chmod +x /usr/local/bin/yq && \ - rm -f /usr/bin/oc && \ - curl -sL https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${OC_VERSION}/openshift-client-linux.tar.gz \ - | tar zxf - -C /usr/local/bin oc kubectl && \ - ### Cleanup - dnf clean all && \ - rm -rf /var/cache/yum + yq --version + +RUN curl -L "https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz" -o /tmp/helm.tar.gz && \ + tar -xzf /tmp/helm.tar.gz && \ + mv linux-amd64/helm /usr/local/bin/helm && \ + helm version + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent-mvn:v4.14 + +LABEL name="redhat-cop/jenkins-agent-graalvm" \ + io.k8s.display-name="Jenkins Agent graalvm" \ + io.k8s.description="The jenkins agent graalvm." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-graalvm" + +USER root + +RUN dnf install --nodocs -y gcc gcc-c++ glibc-static glibc-devel zlib-devel && \ + dnf clean all + +COPY --from=builder /usr/local/bin/jq /usr/local/bin/jq +COPY --from=builder /usr/local/bin/yq /usr/local/bin/yq +COPY --from=builder /usr/local/bin/helm /usr/local/bin/helm +COPY --from=builder /opt/mandrel-java11 /opt/mandrel-java11 USER 1001 -WORKDIR ${USER_HOME_DIR} -ENV PATH ${PATH}:${GRAALVM_HOME}/bin + +ENV GRAALVM_HOME=/opt/mandrel-java11 +ENV PATH="${PATH}:${GRAALVM_HOME}/bin" + +RUN jq --version && \ + yq --version && \ + helm version && \ + native-image --version diff --git a/jenkins-agents/jenkins-agent-graalvm/settings.xml b/jenkins-agents/jenkins-agent-graalvm/settings.xml deleted file mode 100644 index 8b5177c5b..000000000 --- a/jenkins-agents/jenkins-agent-graalvm/settings.xml +++ /dev/null @@ -1,16 +0,0 @@ - - - - maven-public - http://nexus:8081/repository/maven-public/ - * - - - - - nexus - admin - admin123 - - - diff --git a/jenkins-agents/jenkins-agent-graalvm/ubi8.repo b/jenkins-agents/jenkins-agent-graalvm/ubi8.repo deleted file mode 100644 index 80cce40a4..000000000 --- a/jenkins-agents/jenkins-agent-graalvm/ubi8.repo +++ /dev/null @@ -1,20 +0,0 @@ -[rhel-8-baseos] -id = rhel-8-baseos-cop -name = Red Hat Universal Base Image 8 Baseos (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-appstream] -id = rhel-8-appstream-cop -name = Red Hat Universal Base Image 8 Appstream (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-codeready-builder-rpms] -id = rhel-8-codeready-builder-rpms-cop -name = Red Hat Universal Base Image 8 Codeready Builder (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os -enabled = 1 -gpgcheck = 1 diff --git a/jenkins-agents/jenkins-agent-graalvm/version.json b/jenkins-agents/jenkins-agent-graalvm/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-graalvm/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-gradle/version.json b/jenkins-agents/jenkins-agent-gradle/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-gradle/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-helm/Dockerfile b/jenkins-agents/jenkins-agent-helm/Dockerfile index 13703bab4..ef7f4b7bb 100644 --- a/jenkins-agents/jenkins-agent-helm/Dockerfile +++ b/jenkins-agents/jenkins-agent-helm/Dockerfile @@ -1,54 +1,69 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder -# renovate: datasource=github-releases depName=helm/helm -ARG HELM_VERSION=v3.13.2 +SHELL ["/bin/bash", "-c"] + +# renovate: datasource=github-releases depName=stedolan/jq +ARG JQ_VERSION=1.6 # renovate: datasource=github-releases depName=mikefarah/yq ARG YQ_VERSION=v4.40.5 -# renovate: datasource=github-releases depName=helm/chart-testing -ARG CT_VERSION=v3.10.1 -# renovate: datasource=repology depName=homebrew/openshift-cli -ARG OPENSHIFT_CLIENT_VERSION=4.14.5 +# renovate: datasource=github-releases depName=helm/helm +ARG HELM_VERSION=v3.13.3 # renovate: datasource=github-releases depName=open-policy-agent/conftest ARG CONFTEST_VERSION=v0.47.0 # renovate: datasource=github-releases depName=stackrox/kube-linter ARG KUBE_LINTER_VERSION=v0.6.5 +# renovate: datasource=github-releases depName=helm/chart-testing +ARG CT_VERSION=v3.10.1 + +RUN curl -L "https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64" -o /usr/local/bin/jq && \ + chmod +x /usr/local/bin/jq && \ + jq --version + +RUN curl -L "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" -o /usr/local/bin/yq && \ + chmod +x /usr/local/bin/yq && \ + yq --version + +RUN curl -L "https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz" -o /tmp/helm.tar.gz && \ + tar -xzf /tmp/helm.tar.gz && \ + mv linux-amd64/helm /usr/local/bin/helm && \ + helm version + +RUN curl -L "https://github.com/open-policy-agent/conftest/releases/download/${CONFTEST_VERSION}/conftest_${CONFTEST_VERSION//v}_Linux_x86_64.tar.gz" -o /tmp/conftest.tar.gz && \ + tar -xzf /tmp/conftest.tar.gz && \ + mv conftest /usr/local/bin/conftest && \ + conftest --version + +RUN curl -L "https://github.com/stackrox/kube-linter/releases/download/${KUBE_LINTER_VERSION}/kube-linter-linux.tar.gz" -o /tmp/kube-linter-linux.tar.gz && \ + tar -xzf /tmp/kube-linter-linux.tar.gz && \ + mv kube-linter /usr/local/bin/kube-linter && \ + kube-linter version + +RUN curl -L "https://github.com/helm/chart-testing/releases/download/${CT_VERSION}/chart-testing_${CT_VERSION//v}_linux_amd64.tar.gz" -o /tmp/chart-testing.tar.gz && \ + tar -C /tmp -xzf /tmp/chart-testing.tar.gz && \ + mv /tmp/ct /usr/local/bin/ct && \ + ct version + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent-python:v4.14 + +LABEL name="redhat-cop/jenkins-agent-helm" \ + io.k8s.display-name="Jenkins Agent helm" \ + io.k8s.description="The jenkins agent helm." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-helm" + +COPY --from=builder /usr/local/bin/jq /usr/local/bin/jq +COPY --from=builder /usr/local/bin/yq /usr/local/bin/yq +COPY --from=builder /usr/local/bin/helm /usr/local/bin/helm +COPY --from=builder /usr/local/bin/conftest /usr/local/bin/conftest +COPY --from=builder /usr/local/bin/kube-linter /usr/local/bin/kube-linter +COPY --from=builder /usr/local/bin/ct /usr/local/bin/ct +COPY --from=builder /tmp/etc ${HOME}/.ct -## Required in order to avoid ct "ascii codec can't encode character" error -ENV PYTHONIOENCODING=utf-8 \ - LANG=C.UTF-8 \ - LANGUAGE=C.UTF-8 \ - LC_ALL=C.UTF-8 - -COPY ubi8.repo /tmp/ - -## Install helm, yq, conftest & kube-linter -RUN curl -sL https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar zxf - -C /usr/local/bin --strip-components=1 linux-amd64/helm && \ - curl -sL https://github.com/open-policy-agent/conftest/releases/download/${CONFTEST_VERSION}/conftest_${CONFTEST_VERSION//v}_Linux_x86_64.tar.gz | tar zxf - -C /usr/local/bin conftest && \ - curl -sL https://github.com/stackrox/kube-linter/releases/download/${KUBE_LINTER_VERSION}/kube-linter-linux.tar.gz | tar zxf - -C /usr/local/bin kube-linter && \ - curl -sL https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 -o /usr/local/bin/yq && \ - chmod -R 755 /usr/local/bin/yq - -## Install ct -RUN curl -sL -o /tmp/chart-testing.tar.gz https://github.com/helm/chart-testing/releases/download/${CT_VERSION}/chart-testing_${CT_VERSION//v}_linux_amd64.tar.gz && \ - mkdir ${HOME}/.ct && \ - tar zxf /tmp/chart-testing.tar.gz -C /usr/local/bin ct && \ - tar zxf /tmp/chart-testing.tar.gz -C ${HOME}/.ct --strip-components=1 etc && \ - rm /tmp/chart-testing.tar.gz - -## Install git, python 3.8, yamale, and yamllint -RUN INSTALL_PKGS="git python38 python38-pip" && \ - rm -f /etc/yum.repos.d/*.repo && \ - mv /tmp/ubi8.repo /etc/yum.repos.d/ubi8.repo && \ - dnf -y --setopt=tsflags=nodocs install $INSTALL_PKGS && \ - dnf -y clean all && \ - alternatives --set python3 /usr/bin/python3.8 && \ - python3 -m pip install yamale==3.0.1 && \ - python3 -m pip install yamllint==1.24.1 && \ - chmod -R 775 /var/lib/alternatives && \ - chmod -R 775 /etc/alternatives - -## Install oc and kubectl -RUN curl -sL https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${OPENSHIFT_CLIENT_VERSION}/openshift-client-linux.tar.gz \ - | tar zxf - -C /usr/local/bin oc kubectl - -USER 1001 +RUN jq --version && \ + yq --version && \ + helm version && \ + conftest --version && \ + kube-linter version && \ + ct version && \ + ls -l "${HOME}/.ct" \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-helm/ubi8.repo b/jenkins-agents/jenkins-agent-helm/ubi8.repo deleted file mode 100644 index 80cce40a4..000000000 --- a/jenkins-agents/jenkins-agent-helm/ubi8.repo +++ /dev/null @@ -1,20 +0,0 @@ -[rhel-8-baseos] -id = rhel-8-baseos-cop -name = Red Hat Universal Base Image 8 Baseos (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-appstream] -id = rhel-8-appstream-cop -name = Red Hat Universal Base Image 8 Appstream (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-codeready-builder-rpms] -id = rhel-8-codeready-builder-rpms-cop -name = Red Hat Universal Base Image 8 Codeready Builder (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os -enabled = 1 -gpgcheck = 1 diff --git a/jenkins-agents/jenkins-agent-helm/version.json b/jenkins-agents/jenkins-agent-helm/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-helm/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-hugo/version.json b/jenkins-agents/jenkins-agent-hugo/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-hugo/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-image-mgmt/version.json b/jenkins-agents/jenkins-agent-image-mgmt/version.json index 8515dd5ec..7805748c6 100644 --- a/jenkins-agents/jenkins-agent-image-mgmt/version.json +++ b/jenkins-agents/jenkins-agent-image-mgmt/version.json @@ -1 +1 @@ -{"version":"v1.5.2"} +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-mongodb/version.json b/jenkins-agents/jenkins-agent-mongodb/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-mongodb/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-npm/package.json b/jenkins-agents/jenkins-agent-npm/package.json index 4bcd070e0..77d516ee5 100644 --- a/jenkins-agents/jenkins-agent-npm/package.json +++ b/jenkins-agents/jenkins-agent-npm/package.json @@ -3,6 +3,6 @@ "version": "1.0.0", "description": "Provides a docker image of the nodejs v12 runtime with npm for use as a Jenkins agent.", "devDependencies": { - "sonar-scanner": "^3.1.0" + "sonar-scanner": "3.1.0" } } diff --git a/jenkins-agents/jenkins-agent-npm/version.json b/jenkins-agents/jenkins-agent-npm/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-npm/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-ruby/version.json b/jenkins-agents/jenkins-agent-ruby/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-ruby/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-rust/version.json b/jenkins-agents/jenkins-agent-rust/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-rust/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"}