diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d422a646..79631af2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,22 +11,6 @@ concurrency: cancel-in-progress: true jobs: - build-dev-docker: - uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@3f5c61ad71b6a276b6c32b31e0b9bca59244f671 - with: - arch: x86_64 - bucket: '-dev' - version: 'test' - secrets: inherit - - build-dev-docker-arm64: - uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@3f5c61ad71b6a276b6c32b31e0b9bca59244f671 - with: - arch: aarch64 - bucket: '-dev' - version: 'test' - secrets: inherit - build-minimal: runs-on: ubuntu-20.04 steps: diff --git a/.github/workflows/master.yaml b/.github/workflows/master.yaml index 1824d612..a76e2423 100644 --- a/.github/workflows/master.yaml +++ b/.github/workflows/master.yaml @@ -10,20 +10,20 @@ concurrency: jobs: build-dev-packages: - uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master with: arch: x86_64 secrets: inherit build-dev-packages-arm64: - uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master with: arch: aarch64 secrets: inherit publish-dev-packages: needs: [build-dev-packages, build-dev-packages-arm64] - uses: falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml@master with: bucket: '-dev' version: ${{ needs.build-dev-packages.outputs.version }} @@ -31,7 +31,7 @@ jobs: build-dev-docker: needs: [build-dev-packages, publish-dev-packages] - uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master with: arch: x86_64 bucket: '-dev' @@ -40,7 +40,7 @@ jobs: build-dev-docker-arm64: needs: [build-dev-packages, publish-dev-packages] - uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master with: arch: aarch64 bucket: '-dev' @@ -49,5 +49,5 @@ jobs: publish-dev-docker: needs: [build-dev-docker, build-dev-docker-arm64] - uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@master secrets: inherit diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7f4f7102..886c28d4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -11,27 +11,27 @@ concurrency: jobs: build-packages: - uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master with: arch: x86_64 secrets: inherit build-packages-arm64: - uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master with: arch: aarch64 secrets: inherit publish-packages: needs: [build-packages, build-packages-arm64] - uses: falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml@master with: version: ${{ needs.build-packages.outputs.version }} secrets: inherit build-docker: needs: [build-packages, publish-packages] - uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master with: arch: x86_64 version: ${{ needs.build-packages.outputs.version }} @@ -39,7 +39,7 @@ jobs: build-docker-arm64: needs: [build-packages, publish-packages] - uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master with: arch: aarch64 version: ${{ needs.build-packages.outputs.version }} @@ -47,6 +47,6 @@ jobs: publish-docker: needs: [build-docker, build-docker-arm64] - uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@main + uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@master secrets: inherit diff --git a/.github/workflows/reusable_build_docker.yaml b/.github/workflows/reusable_build_docker.yaml index ed8fe15c..ee3acaaf 100644 --- a/.github/workflows/reusable_build_docker.yaml +++ b/.github/workflows/reusable_build_docker.yaml @@ -38,85 +38,85 @@ jobs: run: | aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity -# - name: Build and publish no-driver -# uses: docker/build-push-action@v3 -# with: -# context: ${{ github.workspace }}/docker/no-driver/ -# push: true -# provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 -# build-args: | -# VERSION_BUCKET=bin${{ inputs.bucket }} -# FALCO_VERSION=${{ inputs.version }} -# tags: | -# falcosecurity/falco-no-driver:${{ inputs.arch }}-${{ github.ref_name }} -# falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }}-slim -# public.ecr.aws/falcosecurity/falco-no-driver:${{ inputs.arch }}-${{ github.ref_name }} -# public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }}-slim -# -# - name: Build and publish falco -# uses: docker/build-push-action@v3 -# with: -# context: ${{ github.workspace }}/docker/falco/ -# push: true -# provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 -# build-args: | -# VERSION_BUCKET=deb${{ inputs.bucket }} -# FALCO_VERSION=${{ inputs.version }} -# tags: | -# falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }} -# public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }} -# -# - name: Build and publish falco-driver-loader -# uses: docker/build-push-action@v3 -# with: -# context: ${{ github.workspace }}/docker/driver-loader/ -# push: true -# provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 -# build-args: | -# FALCO_IMAGE_TAG=${{ inputs.arch }}-${{ github.ref_name }} -# tags: | -# falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ github.ref_name }} -# public.ecr.aws/falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ github.ref_name }} -# -# - name: Build and publish no-driver latest -# if: ${{ github.ref_name != 'master' }} -# uses: docker/build-push-action@v3 -# with: -# context: ${{ github.workspace }}/docker/no-driver/ -# push: true -# provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 -# build-args: | -# VERSION_BUCKET=bin -# FALCO_VERSION=${{ github.ref_name }} -# tags: | -# falcosecurity/falco-no-driver:${{ inputs.arch }}-latest -# falcosecurity/falco:${{ inputs.arch }}-latest-slim -# public.ecr.aws/falcosecurity/falco-no-driver:${{ inputs.arch }}-latest -# public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-latest-slim -# -# - name: Build and publish falco latest -# if: ${{ github.ref_name != 'master' }} -# uses: docker/build-push-action@v3 -# with: -# context: ${{ github.workspace }}/docker/falco/ -# push: true -# provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 -# build-args: | -# VERSION_BUCKET=deb -# FALCO_VERSION=${{ github.ref_name }} -# tags: | -# falcosecurity/falco:${{ inputs.arch }}-latest -# public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-latest -# -# - name: Build and publish falco-driver-loader latest -# if: ${{ github.ref_name != 'master' }} -# uses: docker/build-push-action@v3 -# with: -# context: ${{ github.workspace }}/docker/driver-loader/ -# push: true -# provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 -# build-args: | -# FALCO_IMAGE_TAG=${{ inputs.arch }}-latest -# tags: | -# falcosecurity/falco-driver-loader:${{ inputs.arch }}-latest -# public.ecr.aws/falcosecurity/falco-driver-loader:${{ inputs.arch }}-latest + - name: Build and publish no-driver + uses: docker/build-push-action@v3 + with: + context: ${{ github.workspace }}/docker/no-driver/ + push: true + provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 + build-args: | + VERSION_BUCKET=bin${{ inputs.bucket }} + FALCO_VERSION=${{ inputs.version }} + tags: | + falcosecurity/falco-no-driver:${{ inputs.arch }}-${{ github.ref_name }} + falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }}-slim + public.ecr.aws/falcosecurity/falco-no-driver:${{ inputs.arch }}-${{ github.ref_name }} + public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }}-slim + + - name: Build and publish falco + uses: docker/build-push-action@v3 + with: + context: ${{ github.workspace }}/docker/falco/ + push: true + provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 + build-args: | + VERSION_BUCKET=deb${{ inputs.bucket }} + FALCO_VERSION=${{ inputs.version }} + tags: | + falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }} + public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }} + + - name: Build and publish falco-driver-loader + uses: docker/build-push-action@v3 + with: + context: ${{ github.workspace }}/docker/driver-loader/ + push: true + provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 + build-args: | + FALCO_IMAGE_TAG=${{ inputs.arch }}-${{ github.ref_name }} + tags: | + falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ github.ref_name }} + public.ecr.aws/falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ github.ref_name }} + + - name: Build and publish no-driver latest + if: ${{ github.ref_name != 'master' }} + uses: docker/build-push-action@v3 + with: + context: ${{ github.workspace }}/docker/no-driver/ + push: true + provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 + build-args: | + VERSION_BUCKET=bin + FALCO_VERSION=${{ github.ref_name }} + tags: | + falcosecurity/falco-no-driver:${{ inputs.arch }}-latest + falcosecurity/falco:${{ inputs.arch }}-latest-slim + public.ecr.aws/falcosecurity/falco-no-driver:${{ inputs.arch }}-latest + public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-latest-slim + + - name: Build and publish falco latest + if: ${{ github.ref_name != 'master' }} + uses: docker/build-push-action@v3 + with: + context: ${{ github.workspace }}/docker/falco/ + push: true + provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 + build-args: | + VERSION_BUCKET=deb + FALCO_VERSION=${{ github.ref_name }} + tags: | + falcosecurity/falco:${{ inputs.arch }}-latest + public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-latest + + - name: Build and publish falco-driver-loader latest + if: ${{ github.ref_name != 'master' }} + uses: docker/build-push-action@v3 + with: + context: ${{ github.workspace }}/docker/driver-loader/ + push: true + provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131 + build-args: | + FALCO_IMAGE_TAG=${{ inputs.arch }}-latest + tags: | + falcosecurity/falco-driver-loader:${{ inputs.arch }}-latest + public.ecr.aws/falcosecurity/falco-driver-loader:${{ inputs.arch }}-latest diff --git a/.github/workflows/reusable_build_packages.yaml b/.github/workflows/reusable_build_packages.yaml index 928c04fa..f821e149 100644 --- a/.github/workflows/reusable_build_packages.yaml +++ b/.github/workflows/reusable_build_packages.yaml @@ -14,7 +14,7 @@ on: jobs: build-modern-bpf-skeleton: # See https://github.com/actions/runner/issues/409#issuecomment-1158849936 - runs-on: ${{ (inputs.arch == "aarch64") && fromJSON('[ "self-hosted", "linux", "ARM64" ]') || 'ubuntu-latest' }} + runs-on: ${{ (inputs.arch == 'aarch64' && fromJSON('[ "self-hosted", "linux", "ARM64" ]')) || 'ubuntu-latest' }} container: fedora:latest steps: - name: Install build dependencies @@ -40,7 +40,7 @@ jobs: build-packages: # See https://github.com/actions/runner/issues/409#issuecomment-1158849936 - runs-on: ${{ (inputs.arch == "aarch64") && fromJSON('[ "self-hosted", "linux", "ARM64" ]') || 'ubuntu-latest' }} + runs-on: ${{ (inputs.arch == 'aarch64' && fromJSON('[ "self-hosted", "linux", "ARM64" ]')) || 'ubuntu-latest' }} needs: build-modern-bpf-skeleton container: centos:7 # Map the job outputs to step outputs