DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

bump nginx and Go, remove tag file and old CI jobs (#11037)

Browse source 
* bump nginx and remove tag file

* Bump go, remove old CI jobs
This commit is contained in:
Ricardo Katz 2024-02-28 17:05:38 -03:00 committed by GitHub
parent 7a75538dea
commit 02e3af9039
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 5 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
.github/workflows/ci.yaml vendored
View file

@ -67,6 +67,7 @@ jobs:
- 'charts/ingress-nginx/**/*' - 'charts/ingress-nginx/**/*'
- 'NGINX_BASE' - 'NGINX_BASE'
baseimage: baseimage:
- 'NGINX_BASE'
- 'images/nginx-1.25/**' - 'images/nginx-1.25/**'
test-go: test-go:
@ -141,7 +142,7 @@ jobs:
needs.changes.outputs.baseimage == 'true' needs.changes.outputs.baseimage == 'true'
run: | run: |
export TAG=$(cat images/nginx-1.25/TAG) export TAG=$(cat images/nginx-1.25/TAG)
cd images/nginx-1.25/rootfs && docker buildx build --platform=${{ env.PLATFORMS }} --load -t gcr.io/k8s-staging-ingress-nginx/nginx-1.25:${TAG} . cd images/nginx-1.25/rootfs && docker buildx build --platform=${{ env.PLATFORMS }} --load -t registry.k8s.io/ingress-nginx/nginx-1.25:${TAG} .
- name: Build images - name: Build images
env: env:
@ -151,7 +152,7 @@ jobs:
run: | run: |
echo "building images..." echo "building images..."
export TAGNGINX=$(cat images/nginx-1.25/TAG) export TAGNGINX=$(cat images/nginx-1.25/TAG)
make BASE_IMAGE=gcr.io/k8s-staging-ingress-nginx/nginx-1.25:${TAGNGINX} clean-image build image image-chroot make BASE_IMAGE=registry.k8s.io/ingress-nginx/nginx-1.25:${TAGNGINX} clean-image build image image-chroot
make -C test/e2e-image image make -C test/e2e-image image
echo "creating images cache..." echo "creating images cache..."

23
.github/workflows/images.yaml vendored
View file

@ -167,29 +167,6 @@ jobs:
run: | run: |
cd images/ && make NAME=kube-webhook-certgen test test-e2e cd images/ && make NAME=kube-webhook-certgen test test-e2e
nginx:
runs-on: ubuntu-latest
needs: changes
if: |
(needs.changes.outputs.nginx == 'true')
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: nginx-base-image
run: |
cd images/nginx/rootfs && docker build -t docker.io/nginx-test-workflow/nginx:${{ github.sha }} .
- name: Run Trivy on NGINX Image
uses: aquasecurity/trivy-action@master
with:
image-ref: 'docker.io/nginx-test-workflow/nginx:${{ github.sha }}'
format: 'sarif'
ignore-unfixed: true
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5
with:
sarif_file: 'trivy-results.sarif'
opentelemetry: opentelemetry:
runs-on: ubuntu-latest runs-on: ubuntu-latest
env: env:

2
GOLANG_VERSION
View file

@ -1 +1 @@
1.21.6 1.22.0

2
NGINX_BASE
View file

@ -1 +1 @@
registry.k8s.io/ingress-nginx/nginx:v20231208-4c39e6acc@sha256:03508408458d00ba4e219d2693ba2a039ba66d4151ab9b43794f61877e0abb73 registry.k8s.io/ingress-nginx/nginx-1.25:v0.0.5@sha256:cdafd6c9d36e23414ce41330a482f9136ce82fac46802809681f61cdcd5ad0bb

1
TAG
View file

@ -1 +0,0 @@
v1.9.5