mirror of
https://github.com/falcosecurity/falco.git
synced 2025-09-01 06:37:22 +00:00
fix(build): try to use root user for cimg/base.
Moreover, fixed buildx usage. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro
committed by
poiana
poiana
parent
7068e9958f
commit
0a98e11428
@@ -240,6 +240,7 @@ jobs:
|
|||||||
"publish/docker-dev":
|
"publish/docker-dev":
|
||||||
docker:
|
docker:
|
||||||
- image: cimg/base:stable
|
- image: cimg/base:stable
|
||||||
|
user: root
|
||||||
steps:
|
steps:
|
||||||
- attach_workspace:
|
- attach_workspace:
|
||||||
at: /
|
at: /
|
||||||
@@ -247,10 +248,16 @@ jobs:
|
|||||||
- setup_remote_docker:
|
- setup_remote_docker:
|
||||||
version: 20.10.12
|
version: 20.10.12
|
||||||
- run:
|
- run:
|
||||||
|
name: Prepare env
|
||||||
|
command: |
|
||||||
|
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||||
|
docker context create falco-env
|
||||||
|
docker buildx create falco-env --driver docker-container --use
|
||||||
|
echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
|
||||||
|
- run:
|
||||||
name: Build and publish no-driver-dev
|
name: Build and publish no-driver-dev
|
||||||
command: |
|
command: |
|
||||||
FALCO_VERSION=$(cat /build/release/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
FALCO_VERSION=$(cat /build/release/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
||||||
echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
|
|
||||||
docker buildx build --build-arg VERSION_BUCKET=bin-dev --build-arg FALCO_VERSION=${FALCO_VERSION} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg VERSION_BUCKET=bin-dev --build-arg FALCO_VERSION=${FALCO_VERSION} --platform "arm64,amd64" --push \
|
||||||
-t falcosecurity/falco-no-driver:master \
|
-t falcosecurity/falco-no-driver:master \
|
||||||
-t falcosecurity/falco:master-slim \
|
-t falcosecurity/falco:master-slim \
|
||||||
@@ -259,14 +266,12 @@ jobs:
|
|||||||
name: Build and publish dev
|
name: Build and publish dev
|
||||||
command: |
|
command: |
|
||||||
FALCO_VERSION=$(cat /build/release/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
FALCO_VERSION=$(cat /build/release/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
||||||
echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
|
|
||||||
docker buildx build --build-arg VERSION_BUCKET=deb-dev --build-arg FALCO_VERSION=${FALCO_VERSION} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg VERSION_BUCKET=deb-dev --build-arg FALCO_VERSION=${FALCO_VERSION} --platform "arm64,amd64" --push \
|
||||||
-t falcosecurity/falco:master \
|
-t falcosecurity/falco:master \
|
||||||
docker/falco
|
docker/falco
|
||||||
- run:
|
- run:
|
||||||
name: Build and publish dev falco-driver-loader-dev
|
name: Build and publish dev falco-driver-loader-dev
|
||||||
command: |
|
command: |
|
||||||
echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
|
|
||||||
docker buildx build --build-arg FALCO_IMAGE_TAG=master --platform "arm64,amd64" --push \
|
docker buildx build --build-arg FALCO_IMAGE_TAG=master --platform "arm64,amd64" --push \
|
||||||
-t falcosecurity/falco-driver-loader:master \
|
-t falcosecurity/falco-driver-loader:master \
|
||||||
docker/driver-loader
|
docker/driver-loader
|
||||||
@@ -274,6 +279,7 @@ jobs:
|
|||||||
"publish/container-images-aws-dev":
|
"publish/container-images-aws-dev":
|
||||||
docker:
|
docker:
|
||||||
- image: cimg/base:stable
|
- image: cimg/base:stable
|
||||||
|
user: root
|
||||||
steps:
|
steps:
|
||||||
- attach_workspace:
|
- attach_workspace:
|
||||||
at: /
|
at: /
|
||||||
@@ -281,12 +287,18 @@ jobs:
|
|||||||
- setup_remote_docker:
|
- setup_remote_docker:
|
||||||
version: 20.10.12
|
version: 20.10.12
|
||||||
- run:
|
- run:
|
||||||
name: Build and publish no-driver (dev) to AWS
|
name: Prepare env
|
||||||
command: |
|
command: |
|
||||||
|
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||||
|
docker context create falco-env
|
||||||
|
docker buildx create falco-env --driver docker-container --use
|
||||||
apk update
|
apk update
|
||||||
apk add --update groff less py-pip
|
apk add --update groff less py-pip
|
||||||
pip install awscli
|
pip install awscli
|
||||||
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity
|
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity
|
||||||
|
- run:
|
||||||
|
name: Build and publish no-driver (dev) to AWS
|
||||||
|
command: |
|
||||||
FALCO_VERSION=$(cat /build/release/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
FALCO_VERSION=$(cat /build/release/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
||||||
docker buildx build --build-arg VERSION_BUCKET=bin-dev --build-arg FALCO_VERSION=${FALCO_VERSION} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg VERSION_BUCKET=bin-dev --build-arg FALCO_VERSION=${FALCO_VERSION} --platform "arm64,amd64" --push \
|
||||||
-t "public.ecr.aws/falcosecurity/falco-no-driver:master" \
|
-t "public.ecr.aws/falcosecurity/falco-no-driver:master" \
|
||||||
@@ -295,10 +307,6 @@ jobs:
|
|||||||
- run:
|
- run:
|
||||||
name: Build and publish falco (dev) to AWS
|
name: Build and publish falco (dev) to AWS
|
||||||
command: |
|
command: |
|
||||||
apk update
|
|
||||||
apk add --update groff less py-pip
|
|
||||||
pip install awscli
|
|
||||||
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity
|
|
||||||
FALCO_VERSION=$(cat /build/release/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
FALCO_VERSION=$(cat /build/release/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
||||||
docker buildx build --build-arg VERSION_BUCKET=deb-dev --build-arg FALCO_VERSION=${FALCO_VERSION} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg VERSION_BUCKET=deb-dev --build-arg FALCO_VERSION=${FALCO_VERSION} --platform "arm64,amd64" --push \
|
||||||
-t "public.ecr.aws/falcosecurity/falco:master" \
|
-t "public.ecr.aws/falcosecurity/falco:master" \
|
||||||
@@ -306,10 +314,6 @@ jobs:
|
|||||||
- run:
|
- run:
|
||||||
name: Build and publish driver-loader (dev) to AWS
|
name: Build and publish driver-loader (dev) to AWS
|
||||||
command: |
|
command: |
|
||||||
apk update
|
|
||||||
apk add --update groff less py-pip
|
|
||||||
pip install awscli
|
|
||||||
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity
|
|
||||||
docker buildx build --build-arg FALCO_IMAGE_TAG=master --platform "arm64,amd64" --push \
|
docker buildx build --build-arg FALCO_IMAGE_TAG=master --platform "arm64,amd64" --push \
|
||||||
-t "public.ecr.aws/falcosecurity/falco-driver-loader:master" \
|
-t "public.ecr.aws/falcosecurity/falco-driver-loader:master" \
|
||||||
docker/driver-loader
|
docker/driver-loader
|
||||||
@@ -366,16 +370,23 @@ jobs:
|
|||||||
"publish/docker":
|
"publish/docker":
|
||||||
docker:
|
docker:
|
||||||
- image: cimg/base:stable
|
- image: cimg/base:stable
|
||||||
|
user: root
|
||||||
steps:
|
steps:
|
||||||
- attach_workspace:
|
- attach_workspace:
|
||||||
at: /
|
at: /
|
||||||
- checkout
|
- checkout
|
||||||
- setup_remote_docker:
|
- setup_remote_docker:
|
||||||
version: 20.10.12
|
version: 20.10.12
|
||||||
|
- run:
|
||||||
|
name: Prepare env
|
||||||
|
command: |
|
||||||
|
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||||
|
docker context create falco-env
|
||||||
|
docker buildx create falco-env --driver docker-container --use
|
||||||
|
echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
|
||||||
- run:
|
- run:
|
||||||
name: Build and publish no-driver
|
name: Build and publish no-driver
|
||||||
command: |
|
command: |
|
||||||
echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
|
|
||||||
docker buildx build --build-arg VERSION_BUCKET=bin --build-arg FALCO_VERSION=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg VERSION_BUCKET=bin --build-arg FALCO_VERSION=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
||||||
-t "falcosecurity/falco-no-driver:${CIRCLE_TAG}" \
|
-t "falcosecurity/falco-no-driver:${CIRCLE_TAG}" \
|
||||||
-t falcosecurity/falco-no-driver:latest \
|
-t falcosecurity/falco-no-driver:latest \
|
||||||
@@ -385,7 +396,6 @@ jobs:
|
|||||||
- run:
|
- run:
|
||||||
name: Build and publish falco
|
name: Build and publish falco
|
||||||
command: |
|
command: |
|
||||||
echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
|
|
||||||
docker buildx build --build-arg VERSION_BUCKET=deb --build-arg FALCO_VERSION=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg VERSION_BUCKET=deb --build-arg FALCO_VERSION=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
||||||
-t "falcosecurity/falco:${CIRCLE_TAG}" \
|
-t "falcosecurity/falco:${CIRCLE_TAG}" \
|
||||||
-t "falcosecurity/falco:latest" \
|
-t "falcosecurity/falco:latest" \
|
||||||
@@ -393,7 +403,6 @@ jobs:
|
|||||||
- run:
|
- run:
|
||||||
name: Build and publish falco-driver-loader
|
name: Build and publish falco-driver-loader
|
||||||
command: |
|
command: |
|
||||||
echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin
|
|
||||||
docker buildx build --build-arg FALCO_IMAGE_TAG=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg FALCO_IMAGE_TAG=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
||||||
-t "falcosecurity/falco-driver-loader:${CIRCLE_TAG}" \
|
-t "falcosecurity/falco-driver-loader:${CIRCLE_TAG}" \
|
||||||
-t "falcosecurity/falco-driver-loader:latest" \
|
-t "falcosecurity/falco-driver-loader:latest" \
|
||||||
@@ -402,6 +411,7 @@ jobs:
|
|||||||
"publish/container-images-aws":
|
"publish/container-images-aws":
|
||||||
docker:
|
docker:
|
||||||
- image: cimg/base:stable
|
- image: cimg/base:stable
|
||||||
|
user: root
|
||||||
steps:
|
steps:
|
||||||
- attach_workspace:
|
- attach_workspace:
|
||||||
at: /
|
at: /
|
||||||
@@ -409,12 +419,18 @@ jobs:
|
|||||||
- setup_remote_docker:
|
- setup_remote_docker:
|
||||||
version: 20.10.12
|
version: 20.10.12
|
||||||
- run:
|
- run:
|
||||||
name: Build and publish no-driver to AWS
|
name: Prepare env
|
||||||
command: |
|
command: |
|
||||||
|
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||||
|
docker context create falco-env
|
||||||
|
docker buildx create falco-env --driver docker-container --use
|
||||||
apk update
|
apk update
|
||||||
apk add --update groff less py-pip
|
apk add --update groff less py-pip
|
||||||
pip install awscli
|
pip install awscli
|
||||||
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity
|
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity
|
||||||
|
- run:
|
||||||
|
name: Build and publish no-driver to AWS
|
||||||
|
command: |
|
||||||
docker buildx build --build-arg VERSION_BUCKET=bin --build-arg FALCO_VERSION=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg VERSION_BUCKET=bin --build-arg FALCO_VERSION=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
||||||
-t "public.ecr.aws/falcosecurity/falco-no-driver:${CIRCLE_TAG}" \
|
-t "public.ecr.aws/falcosecurity/falco-no-driver:${CIRCLE_TAG}" \
|
||||||
-t public.ecr.aws/falcosecurity/falco-no-driver:latest \
|
-t public.ecr.aws/falcosecurity/falco-no-driver:latest \
|
||||||
@@ -424,10 +440,6 @@ jobs:
|
|||||||
- run:
|
- run:
|
||||||
name: Build and publish falco to AWS
|
name: Build and publish falco to AWS
|
||||||
command: |
|
command: |
|
||||||
apk update
|
|
||||||
apk add --update groff less py-pip
|
|
||||||
pip install awscli
|
|
||||||
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity
|
|
||||||
docker buildx build --build-arg VERSION_BUCKET=deb --build-arg FALCO_VERSION=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg VERSION_BUCKET=deb --build-arg FALCO_VERSION=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
||||||
-t "public.ecr.aws/falcosecurity/falco:${CIRCLE_TAG}" \
|
-t "public.ecr.aws/falcosecurity/falco:${CIRCLE_TAG}" \
|
||||||
-t public.ecr.aws/falcosecurity/falco:latest \
|
-t public.ecr.aws/falcosecurity/falco:latest \
|
||||||
@@ -435,9 +447,6 @@ jobs:
|
|||||||
- run:
|
- run:
|
||||||
name: Build and publish falco-driver-loader to AWS
|
name: Build and publish falco-driver-loader to AWS
|
||||||
command: |
|
command: |
|
||||||
apk update
|
|
||||||
apk add --update groff less py-pip
|
|
||||||
pip install awscli
|
|
||||||
docker buildx build --build-arg FALCO_IMAGE_TAG=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
docker buildx build --build-arg FALCO_IMAGE_TAG=${CIRCLE_TAG} --platform "arm64,amd64" --push \
|
||||||
-t "public.ecr.aws/falcosecurity/falco-driver-loader:${CIRCLE_TAG}" \
|
-t "public.ecr.aws/falcosecurity/falco-driver-loader:${CIRCLE_TAG}" \
|
||||||
-t public.ecr.aws/falcosecurity/falco-driver-loader:latest \
|
-t public.ecr.aws/falcosecurity/falco-driver-loader:latest \
|
||||||
|
|||||||
Reference in New Issue
Block a user