Also build for arm64 #914

Merged
merged 3 commits into from
Mar 13, 2024
19 changes: 18 additions & 1 deletion .github/workflows/pull_request.yaml
Expand Up @@ -182,10 +182,15 @@ jobs:
runs-on: ubuntu-22.04
needs: [site_unit_tests, server_unit_tests]
if: github.repository == 'OWASP/threat-dragon'
outputs:
image_is_pushed: ${{ steps.set-outputs.outputs.CREDS_PRESENT }}
steps:
- name: Checkout
uses: actions/[email protected]

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
id: buildx
uses: docker/[email protected]
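Review bot: The new "Set up QEMU" step references docker/setup-qemu-action by the floating major tag v3, so the code that sets up emulation on the runner can change without any diff in this repository. Pin it to a full release tag or, better, a commit SHA, and do the same for the identical step added to push.yaml and release.yaml, since this job goes on to log in to Docker Hub with the repository's secrets.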
Expand All @@ -202,9 +207,12 @@ jobs:

- name: Login to Docker Hub
uses: docker/[email protected]
if: ${{ env.DOCKERHUB_TOKEN != '' }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
env:
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Build and push
id: docker_build
Expand All @@ -213,15 +221,22 @@ jobs:
context: ./
file: ./Dockerfile
builder: ${{ steps.buildx.outputs.name }}
push: true
push: ${{ env.DOCKERHUB_TOKEN != '' }}
tags: ${{ env.IMAGE_NAME }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
platforms: linux/amd64,linux/arm64

- name: Set outputs
id: set-outputs
run: |-
echo "CREDS_PRESENT=${{ secrets.DOCKERHUB_TOKEN != ''}}" >> $GITHUB_OUTPUT

e2e_smokes:
name: Site e2e smokes
runs-on: ubuntu-22.04
needs: [build_docker_image]
if: ${{ needs.build_docker_image.outputs.image_is_pushed == 'true'}}
defaults:
run:
working-directory: td.vue
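Review bot: On the "Build and push" step, push: ${{ env.DOCKERHUB_TOKEN != '' }} reads an env value that, in the lines shown, is only defined in the env block of the "Login to Docker Hub" step, and step-level env does not carry over to later steps. Unless DOCKERHUB_TOKEN is also set at job or workflow level, push evaluates to false even when the secret exists, while "Set outputs" still writes CREDS_PRESENT=true from secrets.DOCKERHUB_TOKEN, so the dependent jobs would run as if an image had been pushed. Add the same env entry to the build step, or drive both push and the job output from a single step output so the two cannot disagree.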
Expand Down Expand Up @@ -322,6 +337,7 @@ jobs:
name: Site zap scan
runs-on: ubuntu-22.04
needs: [build_docker_image]
if: ${{ needs.build_docker_image.outputs.image_is_pushed == 'true'}}
steps:
- name: Run Threat Dragon
run: |
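Review bot: With this if on the zap scan job (and the same condition on the trivy job in the next hunk), a run without DOCKERHUB_TOKEN skips both scans, and a job skipped by if is reported as skipped rather than failed, so the pull request can show green with no scan having run. Secrets are not passed to workflows triggered by pull requests from forks, so that is the normal case for outside contributions. Consider making the image available to these jobs without a registry push, or at least emit a visible notice when the scans are skipped.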
Expand Down Expand Up @@ -369,6 +385,7 @@ jobs:
name: Scan with trivy
runs-on: ubuntu-22.04
needs: [build_docker_image]
if: ${{ needs.build_docker_image.outputs.image_is_pushed == 'true'}}
permissions:
contents: write

4 changes: 4 additions & 0 deletions .github/workflows/push.yaml
Expand Up @@ -222,6 +222,9 @@ jobs:
- name: Checkout
uses: actions/[email protected]

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
id: buildx
uses: docker/[email protected]
Expand Down Expand Up @@ -253,6 +256,7 @@ jobs:
tags: ${{ env.IMAGE_NAME }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
platforms: linux/amd64,linux/arm64

heroku_deploy:
name: Upload to Heroku
4 changes: 4 additions & 0 deletions .github/workflows/release.yaml
Expand Up @@ -346,6 +346,9 @@ jobs:
- name: Checkout
uses: actions/[email protected]

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
id: buildx
uses: docker/[email protected]
Expand Down Expand Up @@ -377,6 +380,7 @@ jobs:
tags: ${{ env.IMAGE_NAME }}:${{ github.ref_name }},${{ env.IMAGE_NAME }}:stable
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
platforms: linux/amd64,linux/arm64

webapp_release:
name: Publish web application
6 changes: 2 additions & 4 deletions release-process.md
Expand Up @@ -22,11 +22,9 @@ The github release workflow then creates the draft release and the install image

1. once tagged, the github workflow pushes the docker image to docker hub
2. check using `docker pull threatdragon/owasp-threat-dragon:v2.2.0`
3. on MacOS M1 this command may need to be used:
`docker pull --platform linux/x86_64 threatdragon/owasp-threat-dragon:v2.2.0`
4. Test using the command to run a detached container:
3. Test using the command to run a detached container:
`docker run -d -p 8080:3000 -v $(pwd)/.env:/app/.env threatdragon/owasp-threat-dragon:v2.2.0`
5. Ideally test this release on Windows, linux and MacOS using `http://localhost:8080/#/`
4. Ideally test this release on Windows, linux and MacOS using `http://localhost:8080/#/`

If the image tests correctly, promote the docker image
from dockerhub `threatdragon/` to dockerhub `OWASP/threat-dragon/v2.2.0`.
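Review bot: Step 2 still verifies the release with a plain docker pull, which only fetches the variant matching the tester's own architecture, so with the M1 workaround removed nothing in this checklist confirms that both linux/amd64 and linux/arm64 were actually published. Add a step that inspects the tag's manifest list, for example docker buildx imagetools inspect threatdragon/owasp-threat-dragon:v2.2.0, and expect both platforms in the output.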