Skip to content

Commit

Permalink
Merge pull request #594 from fluxcd/docker-sbom
Browse files Browse the repository at this point in the history 
build: Enable SBOM and SLSA Provenance
  • Loading branch information
@stefanprodan
stefanprodan authored Jan 30, 2023
2 parents 6f0b7cd + 8f1592a commit 1e49ba6
Show file tree
Hide file tree
Showing 4 changed files with 11 additions and 18 deletions.
19 changes: 5 additions & 14 deletions .github/workflows/e2e.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,12 @@ jobs:
- name: Checkout
uses: actions/checkout@v3
- name: Setup QEMU
uses: docker/setup-qemu-action@v1
uses: docker/setup-qemu-action@v2
with:
platforms: all
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
uses: docker/setup-buildx-action@v2
with:
buildkitd-flags: "--debug"
- name: Restore Go cache
Expand All @@ -45,22 +45,16 @@ jobs:
with:
go-version: 1.19.x
- name: Setup Kubernetes
uses: engineerd/setup-kind@v0.5.0
uses: helm/kind-action@v1.5.0
with:
version: v0.11.1
image: kindest/node:v1.23.13
version: v0.17.0
cluster_name: kind
- name: Setup Helm
uses: fluxcd/pkg/actions/helm@main
- name: Setup Kustomize
uses: fluxcd/pkg/actions/kustomize@main
- name: Setup Kubebuilder
uses: fluxcd/pkg/actions/kubebuilder@main
- name: Setup Kubectl
uses: fluxcd/pkg/actions/kubectl@main
- name: Run tests
run: make test
env:
KUBEBUILDER_ASSETS: ${{ github.workspace }}/kubebuilder/bin
- name: Check if working tree is dirty
run: |
if [[ $(git diff --stat) != '' ]]; then
Expand Down Expand Up @@ -594,9 +588,6 @@ jobs:
- name: Debug failure
if: failure()
run: |
which kubectl
kubectl version
helm version
kubectl -n helm-system get helmrepositories -oyaml || true
kubectl -n helm-system get helmcharts -oyaml || true
kubectl -n helm-system get helmreleases -oyaml || true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/nightly.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
steps:
- uses: actions/checkout@v3
- name: Setup QEMU
uses: docker/setup-qemu-action@v1
uses: docker/setup-qemu-action@v2
with:
platforms: all
- name: Setup Docker Buildx
Expand Down
6 changes: 4 additions & 2 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,8 @@ jobs:
if [[ $GITHUB_REF == refs/tags/* ]]; then
VERSION=${GITHUB_REF/refs\/tags\//}
fi
echo ::set-output name=BUILD_DATE::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
echo ::set-output name=VERSION::${VERSION}
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
- name: Setup QEMU
uses: docker/setup-qemu-action@v2
- name: Setup Docker Buildx
Expand Down Expand Up @@ -62,6 +62,8 @@ jobs:
- name: Publish images
uses: docker/build-push-action@v3
with:
sbom: true
provenance: true
push: true
builder: ${{ steps.buildx.outputs.name }}
context: .
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ COPY internal/ internal/
ENV CGO_ENABLED=0
RUN xx-go build -trimpath -a -o helm-controller main.go

FROM alpine:3.16
FROM alpine:3.17

# link repo to the GitHub Container Registry image
LABEL org.opencontainers.image.source="https://github.com/fluxcd/helm-controller"
Expand Down

0 comments on commit 1e49ba6

Please sign in to comment.