Skip to content

Commit

Permalink
Merge pull request #14237 from Budibase/fix/lock-ci-image-sha
Browse files Browse the repository at this point in the history 
Lock CI images to specific SHAs
  • Loading branch information
@mike12345567
mike12345567 committed Jul 24, 2024
2 parents a170d78 + 6796caf commit 30e4792
Show file tree
Hide file tree
Showing 10 changed files with 49 additions and 17 deletions.
22 changes: 14 additions & 8 deletions .github/workflows/budibase_ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ jobs:
- name: Pull testcontainers images
run: |
docker pull testcontainers/ryuk:0.5.1 &
docker pull budibase/couchdb:v3.2.1-sqs &
docker pull budibase/couchdb:v3.3.3 &
docker pull redis &
wait $(jobs -p)
Expand Down Expand Up @@ -162,17 +162,23 @@ jobs:
node-version: 20.x
cache: yarn

- name: Load dotenv
id: dotenv
uses: falti/[email protected]
with:
path: ./packages/server/datasource-sha.env

- name: Pull testcontainers images
run: |
docker pull mcr.microsoft.com/mssql/server:2022-CU13-ubuntu-22.04 &
docker pull mysql:8.3 &
docker pull postgres:16.1-bullseye &
docker pull mongo:7.0-jammy &
docker pull mariadb:lts &
docker pull testcontainers/ryuk:0.5.1 &
docker pull budibase/couchdb:v3.2.1-sqs &
docker pull mcr.microsoft.com/mssql/server@${{ steps.dotenv.outputs.MSSQL_SHA }} &
docker pull mysql@${{ steps.dotenv.outputs.MYSQL_SHA }} &
docker pull postgres@${{ steps.dotenv.outputs.POSTGRES_SHA }} &
docker pull mongo@${{ steps.dotenv.outputs.MONGODB_SHA }} &
docker pull mariadb@${{ steps.dotenv.outputs.MARIADB_SHA }} &
docker pull minio/minio &
docker pull redis &
docker pull testcontainers/ryuk:0.5.1 &
docker pull budibase/couchdb:v3.3.3 &
wait $(jobs -p)
Expand Down
2 changes: 1 addition & 1 deletion globalSetup.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ export default async function setup() {
await killContainers(containers)

try {
const couchdb = new GenericContainer("budibase/couchdb:v3.2.1-sqs")
const couchdb = new GenericContainer("budibase/couchdb:v3.3.3")
.withExposedPorts(5984, 4984)
.withEnvironment({
COUCHDB_PASSWORD: "budibase",
Expand Down
5 changes: 5 additions & 0 deletions packages/server/datasource-sha.env
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
MSSQL_SHA=sha256:c4369c38385eba011c10906dc8892425831275bb035d5ce69656da8e29de50d8
MYSQL_SHA=sha256:9de9d54fecee6253130e65154b930978b1fcc336bcc86dfd06e89b72a2588ebe
POSTGRES_SHA=sha256:bd0d8e485d1aca439d39e5ea99b931160bd28d862e74c786f7508e9d0053090e
MONGODB_SHA=sha256:afa36bca12295b5f9dae68a493c706113922bdab520e901bd5d6c9d7247a1d8d
MARIADB_SHA=sha256:e59ba8783bf7bc02a4779f103bb0d8751ac0e10f9471089709608377eded7aa8
13 changes: 13 additions & 0 deletions packages/server/src/integrations/tests/utils/images.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
import dotenv from "dotenv"
import { join } from "path"

const path = join(__dirname, "..", "..", "..", "..", "datasource-sha.env")
dotenv.config({
path,
})

export const MSSQL_IMAGE = `mcr.microsoft.com/mssql/server@${process.env.MSSQL_SHA}`
export const MYSQL_IMAGE = `mysql@${process.env.MYSQL_SHA}`
export const POSTGRES_IMAGE = `postgres@${process.env.POSTGRES_SHA}`
export const MONGODB_IMAGE = `mongo@${process.env.MONGODB_SHA}`
export const MARIADB_IMAGE = `mariadb@${process.env.MARIADB_SHA}`
7 changes: 6 additions & 1 deletion packages/server/src/integrations/tests/utils/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import "./images"
import { Datasource, SourceName } from "@budibase/types"
import * as postgres from "./postgres"
import * as mongodb from "./mongodb"
Expand Down Expand Up @@ -67,7 +68,11 @@ export async function knexClient(ds: Datasource) {

export async function startContainer(container: GenericContainer) {
const imageName = (container as any).imageName.string as string
const key = imageName.replaceAll("/", "-").replaceAll(":", "-")
let key: string = imageName
if (imageName.includes("@sha256")) {
key = imageName.split("@")[0]
}
key = key.replaceAll("/", "-").replaceAll(":", "-")

container = container
.withReuse()
Expand Down
3 changes: 2 additions & 1 deletion packages/server/src/integrations/tests/utils/mariadb.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import { AbstractWaitStrategy } from "testcontainers/build/wait-strategies/wait-
import { generator, testContainerUtils } from "@budibase/backend-core/tests"
import { startContainer } from "."
import { knexClient } from "./mysql"
import { MARIADB_IMAGE } from "./images"

let ports: Promise<testContainerUtils.Port[]>

Expand All @@ -27,7 +28,7 @@ class MariaDBWaitStrategy extends AbstractWaitStrategy {
export async function getDatasource(): Promise<Datasource> {
if (!ports) {
ports = startContainer(
new GenericContainer("mariadb:lts")
new GenericContainer(MARIADB_IMAGE)
.withExposedPorts(3306)
.withEnvironment({ MARIADB_ROOT_PASSWORD: "password" })
.withWaitStrategy(new MariaDBWaitStrategy())
Expand Down
3 changes: 2 additions & 1 deletion packages/server/src/integrations/tests/utils/mongodb.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,14 @@ import { generator, testContainerUtils } from "@budibase/backend-core/tests"
import { Datasource, SourceName } from "@budibase/types"
import { GenericContainer, Wait } from "testcontainers"
import { startContainer } from "."
import { MONGODB_IMAGE } from "./images"

let ports: Promise<testContainerUtils.Port[]>

export async function getDatasource(): Promise<Datasource> {
if (!ports) {
ports = startContainer(
new GenericContainer("mongo:7.0-jammy")
new GenericContainer(MONGODB_IMAGE)
.withExposedPorts(27017)
.withEnvironment({
MONGO_INITDB_ROOT_USERNAME: "mongo",
Expand Down
5 changes: 2 additions & 3 deletions packages/server/src/integrations/tests/utils/mssql.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,14 @@ import { GenericContainer, Wait } from "testcontainers"
import { generator, testContainerUtils } from "@budibase/backend-core/tests"
import { startContainer } from "."
import knex from "knex"
import { MSSQL_IMAGE } from "./images"

let ports: Promise<testContainerUtils.Port[]>

export async function getDatasource(): Promise<Datasource> {
if (!ports) {
ports = startContainer(
new GenericContainer(
"mcr.microsoft.com/mssql/server:2022-CU13-ubuntu-22.04"
)
new GenericContainer(MSSQL_IMAGE)
.withExposedPorts(1433)
.withEnvironment({
ACCEPT_EULA: "Y",
Expand Down
3 changes: 2 additions & 1 deletion packages/server/src/integrations/tests/utils/mysql.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import { AbstractWaitStrategy } from "testcontainers/build/wait-strategies/wait-
import { generator, testContainerUtils } from "@budibase/backend-core/tests"
import { startContainer } from "."
import knex from "knex"
import { MYSQL_IMAGE } from "./images"

let ports: Promise<testContainerUtils.Port[]>

Expand All @@ -30,7 +31,7 @@ class MySQLWaitStrategy extends AbstractWaitStrategy {
export async function getDatasource(): Promise<Datasource> {
if (!ports) {
ports = startContainer(
new GenericContainer("mysql:8.3")
new GenericContainer(MYSQL_IMAGE)
.withExposedPorts(3306)
.withEnvironment({ MYSQL_ROOT_PASSWORD: "password" })
.withWaitStrategy(new MySQLWaitStrategy().withStartupTimeout(10000))
Expand Down
3 changes: 2 additions & 1 deletion packages/server/src/integrations/tests/utils/postgres.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,14 @@ import { GenericContainer, Wait } from "testcontainers"
import { generator, testContainerUtils } from "@budibase/backend-core/tests"
import { startContainer } from "."
import knex from "knex"
import { POSTGRES_IMAGE } from "./images"

let ports: Promise<testContainerUtils.Port[]>

export async function getDatasource(): Promise<Datasource> {
if (!ports) {
ports = startContainer(
new GenericContainer("postgres:16.1-bullseye")
new GenericContainer(POSTGRES_IMAGE)
.withExposedPorts(5432)
.withEnvironment({ POSTGRES_PASSWORD: "password" })
.withWaitStrategy(
Expand Down

0 comments on commit 30e4792

Please sign in to comment.