Skip to content

chore(deps): update ubuntu.azurecr.io/ubuntu:22.04 docker digest to 0… #1693

chore(deps): update ubuntu.azurecr.io/ubuntu:22.04 docker digest to 0…

chore(deps): update ubuntu.azurecr.io/ubuntu:22.04 docker digest to 0… #1693

Workflow file for this run

name: "Ubuntu .NET Runtime Deps Tests"
on: push
env:
runtime-deps-image-name: ubuntu/dotnet-deps:test
runtime-image-name: ubuntu/dotnet-runtime:test
aspnet-image-name: ubuntu/dotnet-aspnet:test
dotnet-version: "6.0"
skopeo-image: 'quay.io/skopeo/stable:v1.15.1'
jobs:
build:
runs-on: ubuntu-22.04
name: Build and Test
outputs:
build_status: ${{ steps.set-outputs.outputs.status }}
strategy:
fail-fast: true
matrix:
ubuntu-release: ["22.04"]
steps:
- uses: actions/checkout@v4
- name: Prepare working environment for running and collecting test results
run: |
pip install shyaml
- uses: actions/setup-dotnet@v4
with:
dotnet-version: "6.0.x"
# Setup QEMU and Docker buildx
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Set up Syft
uses: anchore/sbom-action/[email protected]
with:
syft-version: "v0.80.0"
# Lint the Dockerfiles
- name: Lint the .NET runtime deps container image recipe
uses: hadolint/[email protected]
with:
dockerfile: dotnet-deps/Dockerfile.${{ matrix.ubuntu-release }}
ignore: DL3008,DL3015,SC3028
- name: Lint the .NET runtime container image recipe
uses: hadolint/[email protected]
with:
dockerfile: dotnet-runtime/Dockerfile.${{ matrix.ubuntu-release }}
ignore: DL3008,DL3015,SC3028
- name: Lint the ASP.NET Core runtime container image recipe
uses: hadolint/[email protected]
with:
dockerfile: dotnet-aspnet/Dockerfile.${{ matrix.ubuntu-release }}
ignore: DL3008,DL3015,SC3028
# Build images for multiple archs
- name: Build the .NET runtime deps container image
run: |
set -x
archs=`cat rockcraft.*.dotnet-deps-6.0-${{ matrix.ubuntu-release }}.yaml | shyaml get-value platforms | shyaml keys`
buildx_platforms="linux/$(echo ${archs} | sed 's/ /,linux\//g')"
docker buildx build \
--platform=${buildx_platforms} \
--output type=oci,dest=dotnet-deps.tar \
-f dotnet-deps/Dockerfile.${{ matrix.ubuntu-release }} \
dotnet-deps
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
-v $PWD:/workspace -w /workspace \
${{ env.skopeo-image }} \
copy oci-archive:dotnet-deps.tar \
docker-daemon:${{ env.runtime-deps-image-name }}
docker buildx build \
--platform=${buildx_platforms} \
--output type=oci,dest=dotnet-deps-sbom.tar \
-f dotnet-deps/Dockerfile.${{ matrix.ubuntu-release }} \
--target sbom-prep \
dotnet-deps
for arch in $archs; do
docker run --rm -v $PWD:/workspace \
-w /workspace \
${{ env.skopeo-image }} \
copy --override-arch "$arch" \
oci-archive:dotnet-deps-sbom.tar \
oci-archive:"dotnet-deps-sbom.$arch.tar"
syft packages \
-o spdx-json \
--name "${{ env.runtime-deps-image-name }}" \
oci-archive:"dotnet-deps-sbom.$arch.tar" > "dotnet-deps-${{ env.dotnet-version }}-${{ matrix.ubuntu-release }}-oci-$arch-root.sbom.spdx"
done
- name: Build the .NET runtime container image
run: |
set -x
archs=`cat rockcraft.*.dotnet-runtime-6.0-${{ matrix.ubuntu-release }}.yaml | shyaml get-value platforms | shyaml keys`
buildx_platforms="linux/$(echo ${archs} | sed 's/ /,linux\//g')"
docker buildx build \
--platform=${buildx_platforms} \
--output type=oci,dest=dotnet-runtime.tar \
-f dotnet-runtime/Dockerfile.${{ matrix.ubuntu-release }} \
dotnet-runtime
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
-v $PWD:/workspace -w /workspace \
${{ env.skopeo-image }} \
copy oci-archive:dotnet-runtime.tar \
docker-daemon:${{ env.runtime-image-name }}
docker buildx build \
--platform=${buildx_platforms} \
--output type=oci,dest=dotnet-runtime-sbom.tar \
-f dotnet-runtime/Dockerfile.${{ matrix.ubuntu-release }} \
--target sbom-prep \
dotnet-runtime
for arch in $archs; do
docker run --rm -v $PWD:/workspace \
-w /workspace \
${{ env.skopeo-image }} \
copy --override-arch "$arch" \
oci-archive:dotnet-runtime-sbom.tar \
oci-archive:"dotnet-runtime-sbom.$arch.tar"
syft packages \
-o spdx-json \
--name "${{ env.runtime-image-name }}" \
oci-archive:"dotnet-runtime-sbom.$arch.tar" > "dotnet-runtime-${{ env.dotnet-version }}-${{ matrix.ubuntu-release }}-oci-$arch-root.sbom.spdx"
done
- name: Build the ASP.NET Core runtime container image
run: |
set -x
archs=`cat rockcraft.*.dotnet-aspnet-6.0-${{ matrix.ubuntu-release }}.yaml | shyaml get-value platforms | shyaml keys`
buildx_platforms="linux/$(echo ${archs} | sed 's/ /,linux\//g')"
docker buildx build \
--platform=${buildx_platforms} \
--output type=oci,dest=dotnet-aspnet.tar \
-f dotnet-aspnet/Dockerfile.${{ matrix.ubuntu-release }} \
dotnet-aspnet
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
-v $PWD:/workspace -w /workspace \
${{ env.skopeo-image }} \
copy oci-archive:dotnet-aspnet.tar \
docker-daemon:${{ env.aspnet-image-name }}
docker buildx build \
--platform=${buildx_platforms} \
--output type=oci,dest=dotnet-aspnet-sbom.tar \
-f dotnet-aspnet/Dockerfile.${{ matrix.ubuntu-release }} \
--target sbom-prep \
dotnet-aspnet
for arch in $archs; do
docker run --rm -v $PWD:/workspace \
-w /workspace \
${{ env.skopeo-image }} \
copy --override-arch "$arch" \
oci-archive:dotnet-aspnet-sbom.tar \
oci-archive:"dotnet-aspnet-sbom.$arch.tar"
syft packages \
-o spdx-json \
--name "${{ env.aspnet-image-name }}" \
oci-archive:"dotnet-aspnet-sbom.$arch.tar" > "dotnet-aspnet-${{ env.dotnet-version }}-${{ matrix.ubuntu-release }}-oci-$arch-root.sbom.spdx"
done
- name: Upload SBOM artifacts
uses: actions/upload-artifact@v4
with:
name: SBOMs
path: dotnet-*-root.sbom.spdx
- name: Run Tests
working-directory: ${{ github.workspace }}/tests
run: |
./run-all-tests ${{ env.runtime-deps-image-name }} ${{ env.runtime-image-name }} ${{ env.aspnet-image-name }}
- id: set-outputs
if: always()
run: |
echo "::set-output name=status::${{ job.status }}"
notify:
needs:
- build
if: always()
name: Post Workflow Status to Mattermost
runs-on: ubuntu-latest
steps:
- name: Create the Mattermost Message
run: |
case "${{ needs.build.outputs.build_status }}" in
failure) msg_icon=":x:" ;;
success) msg_icon=":white_check_mark:" ;;
cancelled) msg_icon=":no_entry_sign:" ;;
*) msg_icon=":grey_question:" ;;
esac
msg=$(cat << EOF
##### $msg_icon GitHub Workflow '${{ github.workflow }}' execution [#${{ github.run_number }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) has ended with the status \`${{ needs.build.outputs.build_status }}\`, for:
- Project: [${{ github.repository }}](${{ github.server_url }}/${{ github.repository }})
- Branch: [${{ github.ref_name }}](${{ github.server_url }}/${{ github.repository }}/tree/${{ github.ref_name }})
- Commit: [${{ github.sha }}](${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}); _${{ github.event.head_commit.message }}_
- Triggered by: ${{ github.triggering_actor }}
EOF
)
jq -n --arg message "$msg" >mattermost.json '
{
text: $message,
}
'
- uses: slackapi/[email protected]
with:
payload-file-path: "mattermost.json"
env:
SLACK_WEBHOOK_URL: ${{ secrets.MATTERMOST_ROCKS_DEV_WEBHOOK_URL }}