Skip to content

Commit

Permalink
🤖 Change trivy DB url (#3009)
Browse files Browse the repository at this point in the history
  • Loading branch information
@Itxaka
Itxaka authored Nov 13, 2024
1 parent a0c3578 commit 47da024
Show file tree
Hide file tree
Showing 10 changed files with 8 additions and 271 deletions.
24 changes: 0 additions & 24 deletions .github/workflows/image-arm-pr.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,31 +13,9 @@ env:
FORCE_COLOR: 1
EARTHLY_TOKEN: ${{ secrets.EARTHLY_TOKEN }}
jobs:
# Populate the trivy cache once for all later jobs to use
trivy-cache:
runs-on: ARM64
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: utils/earthly
- name: Restore trivy cache
uses: yogeshlonkar/trivy-cache-action@v0
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
- name: Populate trivy Cache
run: |
[ ! -d ".trivy" ] && mkdir -p ".trivy"
earthly +trivy-download-db --DIR .trivy
opensuse:
uses: ./.github/workflows/reusable-docker-arm-build.yaml
secrets: inherit
needs:
- trivy-cache
permissions:
id-token: write # OIDC support
contents: write
Expand All @@ -63,8 +41,6 @@ jobs:
alpine:
uses: ./.github/workflows/reusable-docker-arm-build.yaml
secrets: inherit
needs:
- trivy-cache
permissions:
id-token: write # OIDC support
contents: write
Expand Down
28 changes: 0 additions & 28 deletions .github/workflows/image-arm.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,32 +80,8 @@ jobs:
content="${content//$'\r'/'%0D'}"
# end of optional handling for multi line json
echo "::set-output name=matrix::{\"include\": $content }"
# Populate the trivy cache once for all later jobs to use
trivy-cache:
runs-on: ARM64
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: utils/earthly
- name: Restore trivy cache
uses: yogeshlonkar/trivy-cache-action@v0
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
- name: Populate trivy Cache
run: |
[ ! -d ".trivy" ] && mkdir -p ".trivy"
earthly +trivy-download-db --DIR .trivy
build-nvidia-base:
runs-on: fast
needs:
- trivy-cache
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
Expand Down Expand Up @@ -209,7 +185,6 @@ jobs:
statuses: read
needs:
- build-nvidia-base
- trivy-cache
secrets: inherit
with:
flavor: ubuntu
Expand Down Expand Up @@ -246,15 +221,12 @@ jobs:
worker: ${{ matrix.worker }}
needs:
- get-core-matrix
- trivy-cache
strategy:
fail-fast: false
matrix: ${{fromJson(needs.get-core-matrix.outputs.matrix)}}

image_and_iso_arm64_generic:
uses: ./.github/workflows/reusable-image-and-iso-arm-generic.yaml
needs:
- trivy-cache
secrets: inherit
with:
flavor: "opensuse"
Expand Down
49 changes: 0 additions & 49 deletions .github/workflows/image-pr.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,31 +12,9 @@ env:
FORCE_COLOR: 1
EARTHLY_TOKEN: ${{ secrets.EARTHLY_TOKEN }}
jobs:
# Populate the trivy cache once for all later jobs to use
trivy-cache:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: utils/earthly
- name: Restore trivy cache
uses: yogeshlonkar/trivy-cache-action@v0
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
- name: Populate trivy Cache
run: |
[ ! -d ".trivy" ] && mkdir -p ".trivy"
earthly +trivy-download-db --DIR .trivy
core-ubuntu-22-lts:
uses: ./.github/workflows/reusable-build-flavor.yaml
secrets: inherit
needs:
- trivy-cache
permissions:
contents: write
security-events: write
Expand Down Expand Up @@ -64,8 +42,6 @@ jobs:
core-ubuntu-24-lts:
uses: ./.github/workflows/reusable-build-flavor.yaml
secrets: inherit
needs:
- trivy-cache
permissions:
contents: write
security-events: write
Expand Down Expand Up @@ -93,8 +69,6 @@ jobs:
core-ubuntu-24-10:
uses: ./.github/workflows/reusable-build-flavor.yaml
secrets: inherit
needs:
- trivy-cache
permissions:
contents: write
security-events: write
Expand Down Expand Up @@ -122,8 +96,6 @@ jobs:
core-alpine:
uses: ./.github/workflows/reusable-build-flavor.yaml
secrets: inherit
needs:
- trivy-cache
permissions:
contents: write
security-events: write
Expand Down Expand Up @@ -151,8 +123,6 @@ jobs:
standard:
uses: ./.github/workflows/reusable-build-provider.yaml
secrets: inherit
needs:
- trivy-cache
permissions:
id-token: write # OIDC support
contents: write
Expand Down Expand Up @@ -185,7 +155,6 @@ jobs:
flavor_release: "24.04"
secureboot: false
needs:
- trivy-cache
- core-ubuntu-24-lts

install-target:
Expand All @@ -196,7 +165,6 @@ jobs:
flavor_release: "24.04"
secureboot: false
needs:
- trivy-cache
- core-ubuntu-24-lts

install-secureboot:
Expand All @@ -207,7 +175,6 @@ jobs:
flavor_release: "24.04"
secureboot: true
needs:
- trivy-cache
- core-ubuntu-24-lts

install-alpine:
Expand All @@ -217,7 +184,6 @@ jobs:
flavor: alpine
flavor_release: "3.19"
needs:
- trivy-cache
- core-alpine

zfs:
Expand All @@ -227,7 +193,6 @@ jobs:
flavor: ubuntu
flavor_release: "22.04"
needs:
- trivy-cache
- core-ubuntu-22-lts

acceptance:
Expand All @@ -237,7 +202,6 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
needs:
- trivy-cache
- core-ubuntu-24-lts

acceptance-alpine:
Expand All @@ -247,7 +211,6 @@ jobs:
flavor: alpine
flavor_release: "3.19"
needs:
- trivy-cache
- core-alpine

bundles:
Expand All @@ -257,7 +220,6 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
needs:
- trivy-cache
- core-ubuntu-24-lts

reset:
Expand All @@ -267,7 +229,6 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
needs:
- trivy-cache
- core-ubuntu-24-lts

reset-alpine:
Expand All @@ -277,7 +238,6 @@ jobs:
flavor: alpine
flavor_release: "3.19"
needs:
- trivy-cache
- core-alpine

netboot:
Expand All @@ -291,7 +251,6 @@ jobs:
model: generic
variant: core
needs:
- trivy-cache
- core-ubuntu-24-lts

netboot-alpine:
Expand All @@ -305,7 +264,6 @@ jobs:
model: generic
variant: core
needs:
- trivy-cache
- core-alpine

upgrade:
Expand All @@ -315,7 +273,6 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
needs:
- trivy-cache
- core-ubuntu-24-lts

upgrade-alpine:
Expand All @@ -325,7 +282,6 @@ jobs:
flavor: alpine
flavor_release: "3.19"
needs:
- trivy-cache
- core-alpine

upgrade-latest:
Expand All @@ -337,7 +293,6 @@ jobs:
family: "ubuntu"
# release_matcher: "23.10" # introduced so tests can be green while we wait for the kairos release with the latest flavor release
needs:
- trivy-cache
- core-ubuntu-24-lts

# enable once the first alpine only release is out as it currently cannot find the latest alpine release properly
Expand All @@ -347,7 +302,6 @@ jobs:
# flavor: alpine
# flavor_release: "3.19"
# needs:
# - trivy-cache
# - core-alpine

custom-partitioning:
Expand All @@ -372,7 +326,6 @@ jobs:
flavor: ${{ matrix.flavor }}
flavor_release: ${{ matrix.flavorRelease }}
needs:
- trivy-cache
- core-ubuntu-24-lts
strategy:
fail-fast: true
Expand All @@ -389,7 +342,6 @@ jobs:
flavor_release: "24.04"
label: ${{ matrix.label }}
needs:
- trivy-cache
- core-ubuntu-24-lts
strategy:
fail-fast: true
Expand All @@ -409,7 +361,6 @@ jobs:
flavor_release: "3.19"
label: ${{ matrix.label }}
needs:
- trivy-cache
- core-alpine
strategy:
fail-fast: true
Expand Down
Loading

0 comments on commit 47da024

Please sign in to comment.