From 5cab42d6e294a15ce0814ad469ccb2b5ae7cccf7 Mon Sep 17 00:00:00 2001 From: Luca Comellini Date: Fri, 28 Jun 2024 10:46:03 -0700 Subject: [PATCH] Fixes for dependabot and automated builds --- .github/workflows/docker.yml | 2 +- .github/workflows/system-testing.yml | 9 ++++----- .github/workflows/update-docker-images.yml | 20 ++++++++------------ Dockerfile | 14 +++++++------- Makefile | 2 +- build/Dockerfile | 2 +- 6 files changed, 22 insertions(+), 27 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 45477d85..73d9f480 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -37,7 +37,7 @@ jobs: - name: Output Variables id: var run: | - echo "nginx_version=$(grep -m1 'ARG BUILD_NGINX_VERSION=' > $GITHUB_OUTPUT + echo "nginx_version=$(grep -m1 'FROM nginx:' > $GITHUB_OUTPUT - name: Nginx version run: echo "${{ steps.var.outputs.nginx_version }}" diff --git a/.github/workflows/system-testing.yml b/.github/workflows/system-testing.yml index 70b19d67..73fb235f 100644 --- a/.github/workflows/system-testing.yml +++ b/.github/workflows/system-testing.yml @@ -29,14 +29,13 @@ jobs: - name: Get vars id: vars run: | - # replace with version from Dockerfile when fixed - echo "NGINX_VERSION=1.27.0" >> $GITHUB_OUTPUT + echo "nginx_version=$(grep -m1 'FROM nginx:' > $GITHUB_OUTPUT - name: Setup Python uses: actions/setup-python@v5 with: - python-version-file: '.python-version' - cache: 'pip' + python-version-file: ".python-version" + cache: "pip" - name: Install Dependencies run: pip install -r test/requirements.ci.txt @@ -54,7 +53,7 @@ jobs: cache-from: type=gha,scope=system-nginx cache-to: type=gha,scope=system-nginx,mode=max build-args: | - NGINX_VERSION=${{ steps.vars.outputs.NGINX_VERSION }} + NGINX_VERSION=${{ steps.vars.outputs.nginx_version }} - name: Build backend uses: docker/build-push-action@v6 diff --git a/.github/workflows/update-docker-images.yml b/.github/workflows/update-docker-images.yml index 40b943f8..23496054 100644 --- a/.github/workflows/update-docker-images.yml +++ b/.github/workflows/update-docker-images.yml @@ -2,7 +2,7 @@ name: Update Docker Images on: schedule: - - cron: '0 1 * * *' + - cron: "0 1 * * *" workflow_dispatch: defaults: @@ -10,7 +10,6 @@ defaults: shell: bash jobs: - variables: name: Get version of base image runs-on: ubuntu-20.04 @@ -18,7 +17,6 @@ jobs: versions: ${{ steps.version.outputs.matrix }} git_tag: ${{ steps.tag.outputs.git_tag }} docker_platforms: ${{ steps.vars.outputs.docker_platforms }} - sha_long: ${{ steps.vars.outputs.sha_long }} steps: - name: Checkout Repository uses: actions/checkout@v4 @@ -28,7 +26,7 @@ jobs: id: tag run: | tag=$(git tag --sort=-version:refname | head -n1) - echo "::set-output name=git_tag::${tag//v}" + echo "git_tag=${tag//v}" >> $GITHUB_OUTPUT - name: Checkout Repository at ${{ steps.tag.outputs.git_tag }} uses: actions/checkout@v4 with: @@ -38,12 +36,11 @@ jobs: run: | nginx_alpine=library/nginx:$(grep -m1 "FROM.*nginx.*alpine" > $GITHUB_OUTPUT - name: Set other variables id: vars run: | - echo "::set-output name=docker_platforms::$(grep "PLATFORMS:" .github/workflows/docker.yml | awk -F" " '{print $2}')" - echo "::set-output name=sha_long::$(git rev-parse HEAD)" + echo "docker_platforms=$(grep "PLATFORMS:" .github/workflows/docker.yml | awk -F" " '{print $2}')" >> $GITHUB_OUTPUT check: name: Check if updates are needed @@ -60,7 +57,7 @@ jobs: id: dist run: | if [ ${{ matrix.base_image.distro }} == "debian" ]; then dist=""; else dist="-${{ matrix.base_image.distro }}"; fi - echo "::set-output name=tag::${{ needs.variables.outputs.git_tag }}${dist}" + echo "tag=${{ needs.variables.outputs.git_tag }}${dist}" >> $GITHUB_OUTPUT - name: Check if update available ${{ matrix.base_image.version }} id: update uses: lucacome/docker-image-update-checker@v1 @@ -69,7 +66,7 @@ jobs: image: opentracing/nginx-opentracing:${{ steps.dist.outputs.tag }} - id: var run: | - echo "::set-output name=${{ matrix.base_image.distro }}::${{ steps.update.outputs.needs-updating }}" + echo "${{ matrix.base_image.distro }}=${{ steps.update.outputs.needs-updating }}" >> $GITHUB_OUTPUT build-docker: if: ${{ needs.check.outputs.needs-updating-debian == 'true' || needs.check.outputs.needs-updating-alpine == 'true' }} @@ -93,7 +90,7 @@ jobs: - name: Output Variables id: var run: | - echo "::set-output name=nginx_version::$(grep -m1 'FROM nginx:' > $GITHUB_OUTPUT if: ${{ matrix.needs-updating == 'true' }} - name: Setup QEMU @@ -123,6 +120,7 @@ jobs: id: meta uses: docker/metadata-action@v5 with: + context: git images: | opentracing/nginx-opentracing ghcr.io/opentracing-contrib/nginx-opentracing @@ -132,8 +130,6 @@ jobs: tags: | type=raw,value=${{ needs.variables.outputs.git_tag }} type=raw,value=nginx-${{ steps.var.outputs.nginx_version }} - labels: | - org.opencontainers.image.revision=${{ needs.variables.outputs.sha_long }} if: ${{ matrix.needs-updating == 'true' }} - name: Build and push diff --git a/Dockerfile b/Dockerfile index ca383cb1..5a46b8d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,9 @@ -# syntax=docker/dockerfile:1.3 +# syntax=docker/dockerfile:1.8 ARG BUILD_OS=debian -ARG BUILD_NGINX_VERSION=1.27.0 FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.4.0 AS xx ### Build base image for debian -FROM --platform=$BUILDPLATFORM debian:bullseye as build-base-debian +FROM --platform=$BUILDPLATFORM debian:12 as build-base-debian RUN apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ @@ -202,9 +201,10 @@ RUN xx-info env && git clone --depth 1 -b $DATADOG_VERSION https://github.com/Da ### Base build image for debian -FROM nginx:${BUILD_NGINX_VERSION}-bookworm as build-nginx-debian +FROM nginx:1.27.0 as build-nginx-debian -RUN echo "deb-src [signed-by=/etc/apt/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \ +RUN DEBIAN_VERSION=$(awk -F '=' '/^VERSION_CODENAME=/ {print $2}' /etc/os-release) \ + && echo "deb-src [signed-by=/etc/apt/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/debian/ ${DEBIAN_VERSION} nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ && apt-get build-dep -y nginx @@ -237,12 +237,12 @@ RUN curl -fsSL -O https://github.com/nginx/nginx/archive/release-${NGINX_VERSION ### Base image for alpine -FROM nginx:${BUILD_NGINX_VERSION}-alpine as nginx-alpine +FROM nginx:1.27.0-alpine as nginx-alpine RUN apk add --no-cache libstdc++ ### Base image for debian -FROM nginx:${BUILD_NGINX_VERSION}-bookworm as nginx-debian +FROM nginx:1.27.0 as nginx-debian ### Build final image diff --git a/Makefile b/Makefile index f957b0e3..cd55cbc1 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -NGINX_VERSION=1.27.0 +NGINX_VERSION=$(shell grep -m1 'FROM nginx:'