From d9769c6affa89f9966f23bba2506fd367d48eb62 Mon Sep 17 00:00:00 2001 From: Erik Jaegervall Date: Tue, 19 Mar 2024 14:23:19 +0100 Subject: [PATCH] Fix unknown/unknown docker images See https://github.com/eclipse/kuksa.val/issues/752 --- .github/actions/copy-from-oci/action.yml | 17 +++++++--------- .../workflows/kuksa_databroker-cli_build.yml | 16 ++++++++++----- .github/workflows/kuksa_databroker_build.yml | 20 ++++++++++++------- .github/workflows/kuksa_val_docker.yml | 6 ++++++ .github/workflows/kuksa_val_unittest.yml | 2 +- 5 files changed, 38 insertions(+), 23 deletions(-) diff --git a/.github/actions/copy-from-oci/action.yml b/.github/actions/copy-from-oci/action.yml index 19b4d91ff..a82957b1a 100644 --- a/.github/actions/copy-from-oci/action.yml +++ b/.github/actions/copy-from-oci/action.yml @@ -25,7 +25,7 @@ inputs: description: | This will be the name of the temporary container, making sure we do not leave any stale containers around (we try deleting and before and after running this, so we can recover should a workflow for a given id fail before cleaning up) - Will be used for artifact name (if export=true) and to identify + Will be used for artifact name (if export=true) and to identify This will also be created as directory in cwd. !No special characters allowed "/" ! export: @@ -35,29 +35,26 @@ inputs: transform: required: false description: Optionally applying chosen --transform to tar when export is set to true - + runs: using: "composite" steps: - shell: bash - run: | + run: | mkdir -p ${{ inputs.id }} docker rm ${{ inputs.id }} || true docker create --name ${{ inputs.id }} --platform ${{ inputs.platform }} ${{ inputs.image }} - docker cp ${{ inputs.id }}:${{ inputs.src }} ${{ inputs.id }} + docker cp ${{ inputs.id }}:${{ inputs.src }} ${{ inputs.id }} docker rm ${{ inputs.id }} - + - if: inputs.export == 'true' shell: bash run: tar -czf ${{ inputs.id }}.tar.gz -C ${{ inputs.id }} --transform "${{ inputs.transform }}" . - + - if: inputs.export == 'true' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ inputs.id }} path: ${{ inputs.id }}.tar.gz - - - diff --git a/.github/workflows/kuksa_databroker-cli_build.yml b/.github/workflows/kuksa_databroker-cli_build.yml index ab369aa41..07113b128 100644 --- a/.github/workflows/kuksa_databroker-cli_build.yml +++ b/.github/workflows/kuksa_databroker-cli_build.yml @@ -81,11 +81,11 @@ jobs: type=semver,pattern={{major}} - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Log in to the Container registry if: needs.check_ghcr_push.outputs.push == 'true' @@ -111,6 +111,9 @@ jobs: ${{ steps.meta.outputs.tags }} ttl.sh/kuksa.val/kuksa-databroker-cli-${{github.sha}} labels: ${{ steps.meta.outputs.labels }} + # Provenance to solve that an unknown/unkown image is shown on ghcr.io + # Same problem as described in https://github.com/orgs/community/discussions/45969 + provenance: false - name: Build ephemeral KUKSA Databroker container and push to ttl.sh if: needs.check_ghcr_push.outputs.push == 'false' @@ -126,6 +129,9 @@ jobs: push: true tags: "ttl.sh/kuksa.val/kuksa-databroker-cli-${{github.sha}}" labels: ${{ steps.meta.outputs.labels }} + # Provenance to solve that an unknown/unkown image is shown on ghcr.io + # Same problem as described in https://github.com/orgs/community/discussions/45969 + provenance: false - name: Posting message @@ -134,19 +140,19 @@ jobs: image: ttl.sh/kuksa.val/kuksa-databroker-cli-${{github.sha}} - name: "Archiving AMD64 artifacts" - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: databroker-cli-amd64 path: ${{github.workspace}}/dist/amd64 - name: "Archiving ARM64 artifacts" - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: databroker-cli-arm64 path: ${{github.workspace}}/dist/arm64 - name: "Archiving RISCV64 artifacts" - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: databroker--cli-riscv64 path: ${{github.workspace}}/dist/riscv64 diff --git a/.github/workflows/kuksa_databroker_build.yml b/.github/workflows/kuksa_databroker_build.yml index 9ca24772a..c24504d5c 100644 --- a/.github/workflows/kuksa_databroker_build.yml +++ b/.github/workflows/kuksa_databroker_build.yml @@ -67,7 +67,7 @@ jobs: --exclude-files kuksa_databroker/databroker/tests/world/* - name: Upload coverage report - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Code coverage report path: cobertura.xml @@ -119,11 +119,11 @@ jobs: # only needed for runners without buildx setup, will be slow - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Log in to the Container registry if: needs.check_ghcr_push.outputs.push == 'true' @@ -149,6 +149,9 @@ jobs: ${{ steps.meta.outputs.tags }} ttl.sh/kuksa.val/kuksa-databroker-${{github.sha}} labels: ${{ steps.meta.outputs.labels }} + # Provenance to solve that an unknown/unkown image is shown on ghcr.io + # Same problem as described in https://github.com/orgs/community/discussions/45969 + provenance: false - name: Build ephemeral KUKSA Databroker container and push to ttl.sh if: needs.check_ghcr_push.outputs.push == 'false' @@ -164,6 +167,9 @@ jobs: push: true tags: "ttl.sh/kuksa.val/kuksa-databroker-${{github.sha}}" labels: ${{ steps.meta.outputs.labels }} + # Provenance to solve that an unknown/unkown image is shown on ghcr.io + # Same problem as described in https://github.com/orgs/community/discussions/45969 + provenance: false - name: Posting message uses: ./.github/actions/post-container-location @@ -171,19 +177,19 @@ jobs: image: ttl.sh/kuksa.val/kuksa-databroker-${{github.sha}} - name: "Archiving AMD64 artifacts" - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: databroker-amd64 path: ${{github.workspace}}/dist/amd64 - name: "Archiving ARM64 artifacts" - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: databroker-arm64 path: ${{github.workspace}}/dist/arm64 - name: "Archiving RISCV64 artifacts" - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: databroker-riscv64 path: ${{github.workspace}}/dist/riscv64 @@ -197,7 +203,7 @@ jobs: steps: - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - uses: actions/checkout@v4 diff --git a/.github/workflows/kuksa_val_docker.yml b/.github/workflows/kuksa_val_docker.yml index 3662610a1..724c7a09d 100644 --- a/.github/workflows/kuksa_val_docker.yml +++ b/.github/workflows/kuksa_val_docker.yml @@ -72,6 +72,9 @@ jobs: ${{ steps.meta.outputs.tags }} ttl.sh/kuksa.val/kuksa-server-${{github.sha}} labels: ${{ steps.meta.outputs.labels }} + # Provenance to solve that an unknown/unkown image is shown on ghcr.io + # Same problem as described in https://github.com/orgs/community/discussions/45969 + provenance: false - name: Build ephemeral KUKSA Server docker and push to ttl.sh if: needs.check_ghcr_push.outputs.push == 'false' @@ -85,3 +88,6 @@ jobs: push: true tags: ttl.sh/kuksa.val/kuksa-server-${{github.sha}} labels: ${{ steps.meta.outputs.labels }} + # Provenance to solve that an unknown/unkown image is shown on ghcr.io + # Same problem as described in https://github.com/orgs/community/discussions/45969 + provenance: false diff --git a/.github/workflows/kuksa_val_unittest.yml b/.github/workflows/kuksa_val_unittest.yml index 754b4f96f..db6c177ba 100644 --- a/.github/workflows/kuksa_val_unittest.yml +++ b/.github/workflows/kuksa_val_unittest.yml @@ -28,7 +28,7 @@ jobs: - name: listing test results run: ls out - name: Upload unittests artifact - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: unittest path: ${{github.workspace}}/out