Docker multi-platform image build with buildx, using Goreleaser (#915)

* Minimal WIP cross platform build with goreleaser

* Add Docker manifest, update docker image tags

* Update GH release workflow

* Comment out ECR image repo and RPM/DEB generation

* Enable and set up Docker Buildx for multi-platform builds

Also add caching of Go modules

* Add Docker Buildx support, re-enable parent repo workflows

* Add Docker Buildx support for multi-arch image builds

* Added Docker Buildx setup into `build-test` job of `test` workflow

Otherwise the `test` workflow will fail.
Also updated `setup-go` GH action to latest version, v2, per request
of @krol3
Drew Robinson
2021-03-29 16:53:28 +08:00
committed by GitHub
parent a6b8ec3134
commit 0518d2785f
3 changed files with 93 additions and 11 deletions


@@ -10,19 +10,35 @@ jobs:
release:
name: Release
runs-on: ubuntu-18.04 # 20.04 doesn't provide createrepo for now
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps:
- name: Install dependencies
run: |
sudo apt-get -y update
sudo apt-get -y install rpm reprepro createrepo distro-info
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Show available Docker Buildx platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Setup Go
uses: actions/setup-go@v1
uses: actions/setup-go@v2
with:
go-version: ${{ env.GO_VERSION }}
- name: Checkout code
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Cache Go modules
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Checkout trivy-repo
uses: actions/checkout@v2
with:
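Review bot: The two Docker actions added to the release job, `docker/setup-qemu-action@v1` and `docker/setup-buildx-action@v1`, are referenced by a mutable major tag, so whatever that tag points to at run time executes in the job that (judging by its name) builds and publishes the release artifacts. Pinning each to a full commit SHA with the tag kept as a comment, e.g. `uses: docker/setup-buildx-action@<full-commit-sha>  # v1`, makes the release build reviewable; the same two steps appear in the `build-test` job of the test workflow. The new `Cache Go modules` step also restores `~/go/pkg/mod` with a prefix `restore-keys` fallback, and module contents already in the cache are not re-hashed on an ordinary build, so a `run: go mod verify` step after the restore would be a cheap integrity check before release binaries are built. The steps list continues past the end of this hunk, so the later publishing steps are not visible here.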


@@ -10,7 +10,7 @@ jobs:
- uses: actions/checkout@v2
- name: Set up Go
uses: actions/setup-go@v1
uses: actions/setup-go@v2
with:
go-version: ${{ env.GO_VERSION }}
@@ -33,7 +33,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Set up Go
uses: actions/setup-go@v1
uses: actions/setup-go@v2
with:
go-version: ${{ env.GO_VERSION }}
id: go
@@ -47,12 +47,24 @@ jobs:
build-test:
name: Build Test
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Show available Docker Buildx platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Checkout
uses: actions/checkout@v2
- name: Set up Go
uses: actions/setup-go@v1
uses: actions/setup-go@v2
with:
go-version: ${{ env.GO_VERSION }}
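Review bot: The `Show available Docker Buildx platforms` step in `build-test` expands `${{ steps.buildx.outputs.platforms }}` directly into the shell command line, unquoted, which is the pattern that lets an expression's value be parsed as shell syntax. The value here comes from the Buildx setup action rather than from user input, so the exposure is low, but passing it through the environment keeps the script text fixed: give the step an `env:` entry `PLATFORMS: ${{ steps.buildx.outputs.platforms }}` and use `run: echo "$PLATFORMS"`. The release workflow has the identical step and would take the same change. The `build-test` steps continue below the hunk.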


@@ -84,13 +84,16 @@ brews:
dockers:
- image_templates:
- "docker.io/aquasec/trivy:{{ .Version }}"
- "docker.io/aquasec/trivy:latest"
- "ghcr.io/aquasecurity/trivy:{{ .Version }}"
- "ghcr.io/aquasecurity/trivy:latest"
- "public.ecr.aws/aquasecurity/trivy:latest"
- "public.ecr.aws/aquasecurity/trivy:{{ .Version }}"
binaries:
- "docker.io/aquasec/trivy:{{ .Version }}-amd64"
- "docker.io/aquasec/trivy:latest-amd64"
- "ghcr.io/aquasecurity/trivy:{{ .Version }}-amd64"
- "ghcr.io/aquasecurity/trivy:latest-amd64"
- "public.ecr.aws/aquasecurity/trivy:latest-amd64"
- "public.ecr.aws/aquasecurity/trivy:{{ .Version }}-amd64"
use_buildx: true
goos: linux
goarch: amd64
ids:
- trivy
build_flag_templates:
- "--label=org.label-schema.schema-version=1.0"
@@ -101,5 +104,56 @@ dockers:
- "--label=org.label-schema.build-date={{ .Date }}"
- "--label=org.label-schema.vcs=https://github.com/aquasecurity/trivy"
- "--label=org.label-schema.vcs-ref={{ .FullCommit }}"
- "--platform=linux/amd64"
extra_files:
- contrib/
- image_templates:
- "docker.io/aquasec/trivy:{{ .Version }}-arm64"
- "docker.io/aquasec/trivy:latest-arm64"
- "ghcr.io/aquasecurity/trivy:{{ .Version }}-arm64"
- "ghcr.io/aquasecurity/trivy:latest-arm64"
- "public.ecr.aws/aquasecurity/trivy:latest-arm64"
- "public.ecr.aws/aquasecurity/trivy:{{ .Version }}-arm64"
use_buildx: true
goos: linux
goarch: arm64
ids:
- trivy
build_flag_templates:
- "--label=org.label-schema.schema-version=1.0"
- "--label=org.label-schema.name={{ .ProjectName }}"
- "--label=org.label-schema.description=A Fast Vulnerability Scanner for Containers"
- "--label=org.label-schema.vendor=Aqua Security"
- "--label=org.label-schema.version={{ .Version }}"
- "--label=org.label-schema.build-date={{ .Date }}"
- "--label=org.label-schema.vcs=https://github.com/aquasecurity/trivy"
- "--label=org.label-schema.vcs-ref={{ .FullCommit }}"
- "--platform=linux/arm64"
extra_files:
- contrib/
docker_manifests:
- name_template: 'aquasec/trivy:{{ .Version }}'
image_templates:
- 'aquasec/trivy:{{ .Version }}-amd64'
- 'aquasec/trivy:{{ .Version }}-arm64'
- name_template: 'ghcr.io/aquasecurity/trivy:{{ .Version }}'
image_templates:
- 'ghcr.io/aquasecurity/trivy:{{ .Version }}-amd64'
- 'ghcr.io/aquasecurity/trivy:{{ .Version }}-arm64'
- name_template: 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}'
image_templates:
- 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-amd64'
- 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-arm64'
- name_template: 'aquasec/trivy:latest'
image_templates:
- 'aquasec/trivy:{{ .Version }}-amd64'
- 'aquasec/trivy:{{ .Version }}-arm64'
- name_template: 'ghcr.io/aquasecurity/trivy:latest'
image_templates:
- 'ghcr.io/aquasecurity/trivy:{{ .Version }}-amd64'
- 'ghcr.io/aquasecurity/trivy:{{ .Version }}-arm64'
- name_template: 'public.ecr.aws/aquasecurity/trivy:latest'
image_templates:
- 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-amd64'
- 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-arm64'
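Review bot: The Docker Hub entries under `docker_manifests` are written as `aquasec/trivy:...` while the `dockers` entries that build the same images use `docker.io/aquasec/trivy:...`; spelling the registry out in both places, e.g. `name_template: 'docker.io/aquasec/trivy:{{ .Version }}'`, keeps the published reference unambiguous and consistent with the ghcr.io and public.ecr.aws entries. Separately, the `latest-amd64` and `latest-arm64` tags pushed by `dockers` are not referenced by any manifest (the `latest` manifests are assembled from the `{{ .Version }}-amd64` and `{{ .Version }}-arm64` images), so they look like extra mutable tags that could be dropped. A one-line comment above `docker_manifests` stating that `latest` and `{{ .Version }}` are built from the same per-arch images would help the next maintainer.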