From 0f93daed608b6173f6d65e0ce4f7ddd907654fe2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 14 Jun 2024 11:15:55 +0200 Subject: [PATCH 1/4] build(deps): bump the dependencies group with 3 updates (#789) Bumps the dependencies group with 3 updates: [docker/build-push-action](https://github.com/docker/build-push-action), [github/codeql-action](https://github.com/github/codeql-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `docker/build-push-action` from 5.3.0 to 5.4.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/2cdde995de11925a030ce8070c3d77a52ffcf1c0...ca052bb54ab0790a636c9b5f226502c73d547a25) Updates `github/codeql-action` from 3.25.7 to 3.25.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/f079b8493333aace61c81488f8bd40919487bd9f...2e230e8fe0ad3a14a340ad0815ddb96d599d2aff) Updates `aquasecurity/trivy-action` from 0.21.0 to 0.22.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/fd25fed6972e341ff0007ddb61f77e88103953c2...595be6a0f6560a0a8fc419ddf630567fc623531d) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/administration-service.yml | 2 +- .github/workflows/codeql.yml | 6 +-- .github/workflows/iam-seeding.yml | 2 +- .github/workflows/kics.yml | 2 +- .github/workflows/maintenance-service.yml | 2 +- .github/workflows/marketplace-app-service.yml | 2 +- .github/workflows/notification-service.yml | 2 +- .github/workflows/portal-migrations.yml | 2 +- .github/workflows/processes-worker.yml | 2 +- .github/workflows/provisioning-migrations.yml | 2 +- .github/workflows/registration-service.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/release_candidate.yml | 2 +- .github/workflows/release_iam-seeding.yml | 2 +- .../workflows/release_release_candidate.yml | 2 +- .github/workflows/services-service.yml | 2 +- .github/workflows/trivy-dev.yml | 44 +++++++++---------- .github/workflows/trivy.yml | 44 +++++++++---------- 18 files changed, 62 insertions(+), 62 deletions(-) diff --git a/.github/workflows/administration-service.yml b/.github/workflows/administration-service.yml index 7f386b5dfb..134a636c7a 100644 --- a/.github/workflows/administration-service.yml +++ b/.github/workflows/administration-service.yml @@ -78,7 +78,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-administration-service diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index df88cdf403..b31785e744 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -73,7 +73,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@f079b8493333aace61c81488f8bd40919487bd9f # v2.227 + uses: github/codeql-action/init@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v2.227 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -87,7 +87,7 @@ jobs: # Automates dependency installation for Python, Ruby, and JavaScript, optimizing the CodeQL analysis setup. # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@f079b8493333aace61c81488f8bd40919487bd9f # v2.227 + uses: github/codeql-action/autobuild@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v2.227 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -100,6 +100,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f079b8493333aace61c81488f8bd40919487bd9f # v2.227 + uses: github/codeql-action/analyze@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v2.227 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/iam-seeding.yml b/.github/workflows/iam-seeding.yml index cdb397984b..a64edc5330 100644 --- a/.github/workflows/iam-seeding.yml +++ b/.github/workflows/iam-seeding.yml @@ -71,7 +71,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-iam-seeding diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index cf227e6399..d03d52dd87 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -69,7 +69,7 @@ jobs: # Upload findings to GitHub Advanced Security Dashboard - name: Upload SARIF file for GitHub Advanced Security Dashboard if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: kicsResults/results.sarif diff --git a/.github/workflows/maintenance-service.yml b/.github/workflows/maintenance-service.yml index 57d16faacc..2c8ceebf96 100644 --- a/.github/workflows/maintenance-service.yml +++ b/.github/workflows/maintenance-service.yml @@ -72,7 +72,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-maintenance-service diff --git a/.github/workflows/marketplace-app-service.yml b/.github/workflows/marketplace-app-service.yml index 50389cf68a..70ec39ef5a 100644 --- a/.github/workflows/marketplace-app-service.yml +++ b/.github/workflows/marketplace-app-service.yml @@ -77,7 +77,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-marketplace-app-service diff --git a/.github/workflows/notification-service.yml b/.github/workflows/notification-service.yml index 35fef7ad80..75c1562123 100644 --- a/.github/workflows/notification-service.yml +++ b/.github/workflows/notification-service.yml @@ -75,7 +75,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-notification-service diff --git a/.github/workflows/portal-migrations.yml b/.github/workflows/portal-migrations.yml index 8556c0f465..f0ad12077f 100644 --- a/.github/workflows/portal-migrations.yml +++ b/.github/workflows/portal-migrations.yml @@ -72,7 +72,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-portal-migrations diff --git a/.github/workflows/processes-worker.yml b/.github/workflows/processes-worker.yml index e1338fbc8c..8b4b9ac14e 100644 --- a/.github/workflows/processes-worker.yml +++ b/.github/workflows/processes-worker.yml @@ -79,7 +79,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-processes-worker diff --git a/.github/workflows/provisioning-migrations.yml b/.github/workflows/provisioning-migrations.yml index 8a493882aa..4d7ba92f70 100644 --- a/.github/workflows/provisioning-migrations.yml +++ b/.github/workflows/provisioning-migrations.yml @@ -72,7 +72,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-provisioning-migrations diff --git a/.github/workflows/registration-service.yml b/.github/workflows/registration-service.yml index 75302be6ef..80ce0cdb8f 100644 --- a/.github/workflows/registration-service.yml +++ b/.github/workflows/registration-service.yml @@ -76,7 +76,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-registration-service diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d87bf2028e..87448874fc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -100,7 +100,7 @@ jobs: type=semver,pattern=v{{major}}.{{minor}} - name: Build and push Docker images - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/release_candidate.yml b/.github/workflows/release_candidate.yml index eeb35fc825..3291721f07 100644 --- a/.github/workflows/release_candidate.yml +++ b/.github/workflows/release_candidate.yml @@ -95,7 +95,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker images - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/release_iam-seeding.yml b/.github/workflows/release_iam-seeding.yml index 71c7e56ece..a072653916 100644 --- a/.github/workflows/release_iam-seeding.yml +++ b/.github/workflows/release_iam-seeding.yml @@ -67,7 +67,7 @@ jobs: type=semver,pattern=v{{major}}.{{minor}} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-iam-seeding diff --git a/.github/workflows/release_release_candidate.yml b/.github/workflows/release_release_candidate.yml index fb894b6171..f6e66463fe 100644 --- a/.github/workflows/release_release_candidate.yml +++ b/.github/workflows/release_release_candidate.yml @@ -99,7 +99,7 @@ jobs: type=semver,pattern=v{{major}}.{{minor}} - name: Build and push Docker images - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/services-service.yml b/.github/workflows/services-service.yml index 6ea12aecc0..ca7edbeeee 100644 --- a/.github/workflows/services-service.yml +++ b/.github/workflows/services-service.yml @@ -76,7 +76,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 with: context: . file: ./docker/Dockerfile-services-service diff --git a/.github/workflows/trivy-dev.yml b/.github/workflows/trivy-dev.yml index fa051ebc42..32786efb7b 100644 --- a/.github/workflows/trivy-dev.yml +++ b/.github/workflows/trivy-dev.yml @@ -54,7 +54,7 @@ jobs: uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: scan-type: "config" hide-progress: false @@ -65,7 +65,7 @@ jobs: timeout: "3600s" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 if: always() with: sarif_file: "trivy-results1.sarif" @@ -88,7 +88,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-registration-service:dev" @@ -98,7 +98,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results3.sarif" @@ -120,7 +120,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-administration-service:dev" @@ -130,7 +130,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results4.sarif" @@ -152,7 +152,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-marketplace-app-service:dev" @@ -162,7 +162,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results5.sarif" @@ -184,7 +184,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-maintenance-service:dev" @@ -194,7 +194,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results6.sarif" @@ -216,7 +216,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-notification-service:dev" @@ -226,7 +226,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results7.sarif" @@ -248,7 +248,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-services-service:dev" @@ -258,7 +258,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results8.sarif" @@ -280,7 +280,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-portal-migrations:dev" @@ -290,7 +290,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results9.sarif" @@ -312,7 +312,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-provisioning-migrations:dev" @@ -322,7 +322,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results10.sarif" @@ -344,7 +344,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-processes-worker:dev" @@ -354,7 +354,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results11.sarif" @@ -376,7 +376,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-iam-seeding:dev" @@ -386,6 +386,6 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results12.sarif" diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index c527e6c396..90ca109170 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -54,7 +54,7 @@ jobs: uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: scan-type: "config" hide-progress: false @@ -65,7 +65,7 @@ jobs: timeout: "3600s" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 if: always() with: sarif_file: "trivy-results1.sarif" @@ -88,7 +88,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-registration-service:latest" @@ -98,7 +98,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results3.sarif" @@ -120,7 +120,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-administration-service:latest" @@ -130,7 +130,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results4.sarif" @@ -152,7 +152,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-marketplace-app-service:latest" @@ -162,7 +162,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results5.sarif" @@ -184,7 +184,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-maintenance-service:latest" @@ -194,7 +194,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results6.sarif" @@ -216,7 +216,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-notification-service:latest" @@ -226,7 +226,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results7.sarif" @@ -248,7 +248,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-services-service:latest" @@ -258,7 +258,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results8.sarif" @@ -280,7 +280,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-portal-migrations:latest" @@ -290,7 +290,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results9.sarif" @@ -312,7 +312,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-provisioning-migrations:latest" @@ -322,7 +322,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results10.sarif" @@ -344,7 +344,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-processes-worker:latest" @@ -354,7 +354,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results11.sarif" @@ -376,7 +376,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-iam-seeding:latest" @@ -386,6 +386,6 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: "trivy-results12.sarif" From 73b3d03421dd9acd89e4a8fd15d75741e704c4aa Mon Sep 17 00:00:00 2001 From: Evelyn Gurschler Date: Thu, 20 Jun 2024 15:33:09 +0200 Subject: [PATCH 2/4] chore(TRG-7): update licensing and legal docs (#794) https://github.com/eclipse-tractusx/portal-backend/issues/784 --- CONTRIBUTING.md | 28 ++++++++++++++++++++-- DEPENDENCIES | 2 +- LICENSES/CC-BY-4.0.txt => LICENSE_non-code | 4 ++-- NOTICE.md | 13 +++++++--- 4 files changed, 39 insertions(+), 8 deletions(-) rename LICENSES/CC-BY-4.0.txt => LICENSE_non-code (99%) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e7ce01fcb9..3b51622079 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -16,6 +16,19 @@ Catena-X alliance focusing on parts traceability. * https://projects.eclipse.org/projects/automotive.tractusx +## Project licenses + +The Tractus-X project uses the following licenses: + +* Apache-2.0 for code +* CC-BY-4.0 for non-code + +## Terms of Use + +This repository is subject to the Terms of Use of the Eclipse Foundation + +* https://www.eclipse.org/legal/termsofuse.php + ## Developer resources Information regarding source code management, builds, coding standards, and @@ -23,9 +36,20 @@ more. * https://projects.eclipse.org/projects/automotive.tractusx/developer -The project maintains the source code repositories in the following GitHub organization: +Getting started: + +* https://eclipse-tractusx.github.io/docs/developer + +* https://projects.eclipse.org/projects/automotive.tractusx/developer + +The project maintains the source code repositories -* https://github.com/eclipse-tractusx/ +- https://github.com/eclipse-tractusx/portal-frontend +- https://github.com/eclipse-tractusx/portal-frontend-registration +- https://github.com/eclipse-tractusx/portal-shared-components +- https://github.com/eclipse-tractusx/portal-backend +- https://github.com/eclipse-tractusx/portal-assets +- https://github.com/eclipse-tractusx/portal-iam ## Eclipse Development Process diff --git a/DEPENDENCIES b/DEPENDENCIES index 8f0b34a960..89e2e7268c 100644 --- a/DEPENDENCIES +++ b/DEPENDENCIES @@ -11,7 +11,7 @@ nuget/nuget/-/Flurl.Http.Signed/3.2.4, MIT, approved, #3503 nuget/nuget/-/Flurl.Signed/3.0.6, MIT, approved, #3501 nuget/nuget/-/HtmlAgilityPack/1.11.59, MIT, approved, #9293 nuget/nuget/-/Humanizer.Core/2.14.1, MIT, approved, #10060 -nuget/nuget/-/Json.More.Net/2.0.0, MIT, approved, clearlydefined +nuget/nuget/-/Json.More.Net/2.0.0, MIT AND OFL-1.1 AND CC-BY-SA-4.0, approved, #15173 nuget/nuget/-/JsonPointer.Net/4.0.0, MIT, approved, clearlydefined nuget/nuget/-/JsonSchema.Net/6.0.5, MIT AND OFL-1.1 AND CC-BY-SA-4.0, approved, #13370 nuget/nuget/-/Laraue.EfCoreTriggers.Common/8.0.3, MIT, approved, #13968 diff --git a/LICENSES/CC-BY-4.0.txt b/LICENSE_non-code similarity index 99% rename from LICENSES/CC-BY-4.0.txt rename to LICENSE_non-code index 4ea99c213c..52665ed2a1 100644 --- a/LICENSES/CC-BY-4.0.txt +++ b/LICENSE_non-code @@ -1,4 +1,4 @@ -Attribution 4.0 International +Creative Commons Attribution 4.0 International ======================================================================= @@ -392,4 +392,4 @@ understandings, or agreements concerning use of licensed material. For the avoidance of doubt, this paragraph does not form part of the public licenses. -Creative Commons may be contacted at creativecommons.org. +Creative Commons may be contacted at creativecommons.org. \ No newline at end of file diff --git a/NOTICE.md b/NOTICE.md index a4f9bf1bb1..ae2003c531 100644 --- a/NOTICE.md +++ b/NOTICE.md @@ -12,12 +12,19 @@ source code repository logs. ## Declared Project Licenses -This program and the accompanying materials are made available under the terms -of the Apache License, Version 2.0 which is available at -https://www.apache.org/licenses/LICENSE-2.0. +The Tractus-X project uses the following licenses: +- Apache-2.0 for code +- CC-BY-4.0 for non-code + +Apache-2.0: +This program and the accompanying materials are made available under the terms of the Apache License, Version 2.0 which is available at https://www.apache.org/licenses/LICENSE-2.0. SPDX-License-Identifier: Apache-2.0 +CC-BY-4.0: +The materials in this repository are made available under the terms of the Creative Commons Attribution 4.0 International License, which is available at https://spdx.org/licenses/CC-BY-4.0.html. +SPDX-License-Identifier: CC-BY-4.0 + ## Source Code The project maintains the following source code repositories in the GitHub organization https://github.com/eclipse-tractusx: From 4c420298b0563aa5c582efbcdccfaff34f231031 Mon Sep 17 00:00:00 2001 From: Evelyn Gurschler Date: Fri, 21 Jun 2024 15:45:09 +0200 Subject: [PATCH 3/4] chore(dev-flow): maintain latest changes in main branch (#795) get rid of the dev branch https://github.com/eclipse-tractusx/portal/issues/243 --- .github/dependabot.yml | 3 --- .github/workflows/administration-service.yml | 6 ++--- .github/workflows/codeql.yml | 2 +- .github/workflows/dependencies.yaml | 2 +- .github/workflows/iam-seeding.yml | 4 ++-- .github/workflows/kics.yml | 4 ++-- .github/workflows/maintenance-service.yml | 6 ++--- .github/workflows/marketplace-app-service.yml | 6 ++--- .github/workflows/notification-service.yml | 6 ++--- .github/workflows/portal-migrations.yml | 6 ++--- .github/workflows/pre-checks.yml | 2 +- .github/workflows/processes-worker.yml | 6 ++--- .github/workflows/provisioning-migrations.yml | 6 ++--- .github/workflows/registration-service.yml | 6 ++--- .github/workflows/release.yml | 2 +- .github/workflows/services-service.yml | 6 ++--- .github/workflows/sonarcloud.yml | 2 +- .../{trivy-dev.yml => trivy-main.yml} | 24 +++++++++---------- 18 files changed, 48 insertions(+), 51 deletions(-) rename .github/workflows/{trivy-dev.yml => trivy-main.yml} (97%) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f1c70b0639..b9434152d0 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -23,7 +23,6 @@ updates: # NuGet - package-ecosystem: "nuget" - target-branch: dev directory: / labels: - "dependabot" @@ -42,7 +41,6 @@ updates: # Github Actions - package-ecosystem: "github-actions" - target-branch: dev directory: / labels: - "dependabot" @@ -56,7 +54,6 @@ updates: # Docker - package-ecosystem: "docker" - target-branch: dev directory: ./docker/ labels: - "dependabot" diff --git a/.github/workflows/administration-service.yml b/.github/workflows/administration-service.yml index 134a636c7a..073d10279c 100644 --- a/.github/workflows/administration-service.yml +++ b/.github/workflows/administration-service.yml @@ -38,7 +38,7 @@ on: - 'docker/Dockerfile-administration-service' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -74,7 +74,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -120,5 +120,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/administration-service-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b31785e744..04f45a7bf1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -33,7 +33,7 @@ name: "CodeQL" on: push: - branches: [main, dev] + branches: [main] paths: - 'src/**' pull_request: diff --git a/.github/workflows/dependencies.yaml b/.github/workflows/dependencies.yaml index 9c905f1c56..67aacfbe80 100644 --- a/.github/workflows/dependencies.yaml +++ b/.github/workflows/dependencies.yaml @@ -21,7 +21,7 @@ name: Check Dependencies on: push: - branches: [main, dev] + branches: [main] pull_request: types: [opened, synchronize, reopened] workflow_dispatch: diff --git a/.github/workflows/iam-seeding.yml b/.github/workflows/iam-seeding.yml index a64edc5330..d3c4762bed 100644 --- a/.github/workflows/iam-seeding.yml +++ b/.github/workflows/iam-seeding.yml @@ -31,7 +31,7 @@ on: - 'docker/Dockerfile-iam-seeding' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -67,7 +67,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index d03d52dd87..42f42f597d 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -21,10 +21,10 @@ name: "KICS" on: push: - branches: [main, dev] + branches: [main] # pull_request: # The branches below must be a subset of the branches above - # branches: [main, dev] + # branches: [main] # paths-ignore: # - "**/*.md" # - "**/*.txt" diff --git a/.github/workflows/maintenance-service.yml b/.github/workflows/maintenance-service.yml index 2c8ceebf96..6c54a9aa77 100644 --- a/.github/workflows/maintenance-service.yml +++ b/.github/workflows/maintenance-service.yml @@ -32,7 +32,7 @@ on: - 'docker/Dockerfile-maintenance-service' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -68,7 +68,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -114,5 +114,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/maintenance-service-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/marketplace-app-service.yml b/.github/workflows/marketplace-app-service.yml index 70ec39ef5a..582d5fade2 100644 --- a/.github/workflows/marketplace-app-service.yml +++ b/.github/workflows/marketplace-app-service.yml @@ -37,7 +37,7 @@ on: - 'docker/Dockerfile-marketplace-app-service' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -73,7 +73,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -119,5 +119,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/marketplace-app-service-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/notification-service.yml b/.github/workflows/notification-service.yml index 75c1562123..d0bbb1f9cd 100644 --- a/.github/workflows/notification-service.yml +++ b/.github/workflows/notification-service.yml @@ -34,7 +34,7 @@ on: - 'docker/Dockerfile-notification-service' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -71,7 +71,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -117,5 +117,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/notification-service-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/portal-migrations.yml b/.github/workflows/portal-migrations.yml index f0ad12077f..047d8c698a 100644 --- a/.github/workflows/portal-migrations.yml +++ b/.github/workflows/portal-migrations.yml @@ -32,7 +32,7 @@ on: - 'docker/Dockerfile-portal-migrations' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -68,7 +68,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -114,5 +114,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/portal-migrations-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/pre-checks.yml b/.github/workflows/pre-checks.yml index d335cd2c12..ef0bdc9726 100644 --- a/.github/workflows/pre-checks.yml +++ b/.github/workflows/pre-checks.yml @@ -23,7 +23,7 @@ name: Pre Checks on: push: - branches: [main, dev] + branches: [main] paths: - 'src/**' pull_request: diff --git a/.github/workflows/processes-worker.yml b/.github/workflows/processes-worker.yml index 8b4b9ac14e..ebe9aba2b2 100644 --- a/.github/workflows/processes-worker.yml +++ b/.github/workflows/processes-worker.yml @@ -39,7 +39,7 @@ on: - 'docker/Dockerfile-processes-worker' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -75,7 +75,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -121,5 +121,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/processes-worker-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/provisioning-migrations.yml b/.github/workflows/provisioning-migrations.yml index 4d7ba92f70..b0d7b0b9a2 100644 --- a/.github/workflows/provisioning-migrations.yml +++ b/.github/workflows/provisioning-migrations.yml @@ -32,7 +32,7 @@ on: - 'docker/Dockerfile-provisioning-migrations' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -68,7 +68,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -114,5 +114,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/provisioning-migrations-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/registration-service.yml b/.github/workflows/registration-service.yml index 80ce0cdb8f..69b26c7d09 100644 --- a/.github/workflows/registration-service.yml +++ b/.github/workflows/registration-service.yml @@ -36,7 +36,7 @@ on: - 'docker/Dockerfile-registration-service' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -72,7 +72,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -118,5 +118,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/registration-service-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 87448874fc..0f532a91fe 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -162,7 +162,7 @@ jobs: if [[ ${{ steps.rc-check.outputs.rc }} == 'true' ]]; then echo "branch=release-candidate" >> $GITHUB_OUTPUT else - echo "branch=dev" >> $GITHUB_OUTPUT + echo "branch=main" >> $GITHUB_OUTPUT fi if: steps.hf-check.outputs.hf == 'false' diff --git a/.github/workflows/services-service.yml b/.github/workflows/services-service.yml index ca7edbeeee..718399d7f0 100644 --- a/.github/workflows/services-service.yml +++ b/.github/workflows/services-service.yml @@ -36,7 +36,7 @@ on: - 'docker/Dockerfile-services-service' branches: - - 'dev' + - 'main' workflow_dispatch: env: @@ -72,7 +72,7 @@ jobs: with: images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image @@ -118,5 +118,5 @@ jobs: --url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/services-service-image-update.yml/dispatches \ --header "authorization: Bearer $TOKEN" \ --header "Accept: application/vnd.github.v3+json" \ - --data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \ + --data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \ --fail diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 1d47c2ebc1..25c677c86c 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -20,7 +20,7 @@ name: Sonarcloud on: push: - branches: [main, dev] + branches: [main] paths: - 'src/**' - 'tests/**' diff --git a/.github/workflows/trivy-dev.yml b/.github/workflows/trivy-main.yml similarity index 97% rename from .github/workflows/trivy-dev.yml rename to .github/workflows/trivy-main.yml index 32786efb7b..1b7c4e064e 100644 --- a/.github/workflows/trivy-dev.yml +++ b/.github/workflows/trivy-main.yml @@ -20,11 +20,11 @@ # Depending on the location of your Docker container # you need to change the path to the specific Docker registry. # -name: "Trivy Dev" +name: "Trivy Main" on: push: - branches: [ dev ] + branches: [main] # pull_request: # The branches below must be a subset of the branches above # branches: [ main, master ] @@ -91,7 +91,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-registration-service:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-registration-service:main" format: "sarif" output: "trivy-results3.sarif" vuln-type: "os,library" @@ -123,7 +123,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-administration-service:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-administration-service:main" format: "sarif" output: "trivy-results4.sarif" vuln-type: "os,library" @@ -155,7 +155,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-marketplace-app-service:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-marketplace-app-service:main" format: "sarif" output: "trivy-results5.sarif" vuln-type: "os,library" @@ -187,7 +187,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-maintenance-service:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-maintenance-service:main" format: "sarif" output: "trivy-results6.sarif" vuln-type: "os,library" @@ -219,7 +219,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-notification-service:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-notification-service:main" format: "sarif" output: "trivy-results7.sarif" vuln-type: "os,library" @@ -251,7 +251,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-services-service:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-services-service:main" format: "sarif" output: "trivy-results8.sarif" vuln-type: "os,library" @@ -283,7 +283,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-portal-migrations:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-portal-migrations:main" format: "sarif" output: "trivy-results9.sarif" vuln-type: "os,library" @@ -315,7 +315,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-provisioning-migrations:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-provisioning-migrations:main" format: "sarif" output: "trivy-results10.sarif" vuln-type: "os,library" @@ -347,7 +347,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-processes-worker:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-processes-worker:main" format: "sarif" output: "trivy-results11.sarif" vuln-type: "os,library" @@ -379,7 +379,7 @@ jobs: uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: # Path to Docker image - image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-iam-seeding:dev" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}-iam-seeding:main" format: "sarif" output: "trivy-results12.sarif" vuln-type: "os,library" From e170c2be9cddfabb68ffa22b7a5f3e841647cf4d Mon Sep 17 00:00:00 2001 From: Evelyn Gurschler Date: Mon, 24 Jun 2024 11:36:15 +0200 Subject: [PATCH 4/4] fix(image-build): change from emulation to cross-compile (#803) * fix(image-build): change from emulation to cross-compile for building multi-platform images https://github.com/eclipse-tractusx/portal-backend/issues/802 https://docs.docker.com/build/building/multi-platform https://devblogs.microsoft.com/dotnet/improving-multiplatform-container-support also improve dockerfiles by removing unnecessary base stage and aligning environment variables --- .github/workflows/iam-seeding.yml | 3 --- .github/workflows/maintenance-service.yml | 3 --- .github/workflows/marketplace-app-service.yml | 3 --- .github/workflows/notification-service.yml | 3 --- .github/workflows/portal-migrations.yml | 3 --- .github/workflows/processes-worker.yml | 3 --- .github/workflows/provisioning-migrations.yml | 3 --- .github/workflows/registration-service.yml | 3 --- .github/workflows/release.yml | 3 --- .github/workflows/release_candidate.yml | 3 --- .github/workflows/release_iam-seeding.yml | 3 --- .github/workflows/release_release_candidate.yml | 3 --- .github/workflows/services-service.yml | 3 --- docker/Dockerfile-administration-service | 11 ++++++----- docker/Dockerfile-iam-seeding | 8 +++----- docker/Dockerfile-maintenance-service | 8 +++----- docker/Dockerfile-marketplace-app-service | 11 ++++++----- docker/Dockerfile-notification-service | 11 ++++++----- docker/Dockerfile-portal-migrations | 8 +++----- docker/Dockerfile-processes-worker | 8 +++----- docker/Dockerfile-provisioning-migrations | 8 +++----- docker/Dockerfile-registration-service | 11 ++++++----- docker/Dockerfile-services-service | 11 ++++++----- 23 files changed, 45 insertions(+), 89 deletions(-) diff --git a/.github/workflows/iam-seeding.yml b/.github/workflows/iam-seeding.yml index cdb397984b..e234a5a757 100644 --- a/.github/workflows/iam-seeding.yml +++ b/.github/workflows/iam-seeding.yml @@ -58,9 +58,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/maintenance-service.yml b/.github/workflows/maintenance-service.yml index 57d16faacc..052514010b 100644 --- a/.github/workflows/maintenance-service.yml +++ b/.github/workflows/maintenance-service.yml @@ -59,9 +59,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/marketplace-app-service.yml b/.github/workflows/marketplace-app-service.yml index 50389cf68a..6d78792089 100644 --- a/.github/workflows/marketplace-app-service.yml +++ b/.github/workflows/marketplace-app-service.yml @@ -64,9 +64,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/notification-service.yml b/.github/workflows/notification-service.yml index 35fef7ad80..1505e2580e 100644 --- a/.github/workflows/notification-service.yml +++ b/.github/workflows/notification-service.yml @@ -62,9 +62,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/portal-migrations.yml b/.github/workflows/portal-migrations.yml index 8556c0f465..8b0268a705 100644 --- a/.github/workflows/portal-migrations.yml +++ b/.github/workflows/portal-migrations.yml @@ -59,9 +59,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/processes-worker.yml b/.github/workflows/processes-worker.yml index e1338fbc8c..7d881a4767 100644 --- a/.github/workflows/processes-worker.yml +++ b/.github/workflows/processes-worker.yml @@ -66,9 +66,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/provisioning-migrations.yml b/.github/workflows/provisioning-migrations.yml index 8a493882aa..3a877783e2 100644 --- a/.github/workflows/provisioning-migrations.yml +++ b/.github/workflows/provisioning-migrations.yml @@ -59,9 +59,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/registration-service.yml b/.github/workflows/registration-service.yml index 75302be6ef..8ea8c43166 100644 --- a/.github/workflows/registration-service.yml +++ b/.github/workflows/registration-service.yml @@ -63,9 +63,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d87bf2028e..e1d383e23a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -82,9 +82,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/release_candidate.yml b/.github/workflows/release_candidate.yml index eeb35fc825..29b7f76dc1 100644 --- a/.github/workflows/release_candidate.yml +++ b/.github/workflows/release_candidate.yml @@ -82,9 +82,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/release_iam-seeding.yml b/.github/workflows/release_iam-seeding.yml index 71c7e56ece..438cfd90ee 100644 --- a/.github/workflows/release_iam-seeding.yml +++ b/.github/workflows/release_iam-seeding.yml @@ -49,9 +49,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/release_release_candidate.yml b/.github/workflows/release_release_candidate.yml index fb894b6171..58d6a47452 100644 --- a/.github/workflows/release_release_candidate.yml +++ b/.github/workflows/release_release_candidate.yml @@ -81,9 +81,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/.github/workflows/services-service.yml b/.github/workflows/services-service.yml index 6ea12aecc0..ec03311d19 100644 --- a/.github/workflows/services-service.yml +++ b/.github/workflows/services-service.yml @@ -63,9 +63,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - name: Docker meta id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 diff --git a/docker/Dockerfile-administration-service b/docker/Dockerfile-administration-service index 40342922da..fdb12e281b 100644 --- a/docker/Dockerfile-administration-service +++ b/docker/Dockerfile-administration-service @@ -17,17 +17,18 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH WORKDIR / COPY LICENSE NOTICE.md DEPENDENCIES / COPY src/ src/ WORKDIR /src/administration/Administration.Service RUN dotnet publish "Administration.Service.csproj" -c Release -o /app/publish -FROM base AS final -ENV COMPlus_EnableDiagnostics=0 +FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine +ENV \ + COMPlus_EnableDiagnostics=0 \ + ASPNETCORE_URLS=http://+:8080 WORKDIR /app COPY --from=publish /app/publish . ENV ASPNETCORE_URLS http://+:8080 diff --git a/docker/Dockerfile-iam-seeding b/docker/Dockerfile-iam-seeding index 0781114715..00afa9066c 100644 --- a/docker/Dockerfile-iam-seeding +++ b/docker/Dockerfile-iam-seeding @@ -17,10 +17,8 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish -WORKDIR / +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH COPY LICENSE NOTICE.md DEPENDENCIES / COPY /src/framework/Framework.Async /src/framework/Framework.Async COPY /src/framework/Framework.ErrorHandling /src/framework/Framework.ErrorHandling @@ -34,7 +32,7 @@ COPY /src/keycloak/Keycloak.Seeding /src/keycloak/Keycloak.Seeding WORKDIR /src/keycloak/Keycloak.Seeding RUN dotnet publish "Keycloak.Seeding.csproj" -c Release -o /app/publish -FROM base AS final +FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine ENV COMPlus_EnableDiagnostics=0 WORKDIR /app COPY --from=publish /app/publish . diff --git a/docker/Dockerfile-maintenance-service b/docker/Dockerfile-maintenance-service index e1bf499351..928b7622f2 100644 --- a/docker/Dockerfile-maintenance-service +++ b/docker/Dockerfile-maintenance-service @@ -17,10 +17,8 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish -WORKDIR / +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH COPY LICENSE NOTICE.md DEPENDENCIES / COPY src/maintenance/Maintenance.App/ src/maintenance/Maintenance.App/ COPY src/portalbackend/PortalBackend.DBAccess/ src/portalbackend/PortalBackend.DBAccess/ @@ -37,7 +35,7 @@ RUN dotnet restore "src/maintenance/Maintenance.App/Maintenance.App.csproj" WORKDIR /src/maintenance/Maintenance.App RUN dotnet publish "Maintenance.App.csproj" -c Release -o /app/publish -FROM base AS final +FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine ENV COMPlus_EnableDiagnostics=0 WORKDIR /app COPY --from=publish /app/publish . diff --git a/docker/Dockerfile-marketplace-app-service b/docker/Dockerfile-marketplace-app-service index c0a6b29378..0fb61ab91a 100644 --- a/docker/Dockerfile-marketplace-app-service +++ b/docker/Dockerfile-marketplace-app-service @@ -17,17 +17,18 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH WORKDIR / COPY LICENSE NOTICE.md DEPENDENCIES / COPY src/ src/ WORKDIR /src/marketplace/Apps.Service RUN dotnet publish "Apps.Service.csproj" -c Release -o /app/publish -FROM base AS final -ENV COMPlus_EnableDiagnostics=0 +FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine +ENV \ + COMPlus_EnableDiagnostics=0 \ + ASPNETCORE_URLS=http://+:8080 WORKDIR /app COPY --from=publish /app/publish . ENV ASPNETCORE_URLS http://+:8080 diff --git a/docker/Dockerfile-notification-service b/docker/Dockerfile-notification-service index b5e1b6147c..a7f73c0c3d 100644 --- a/docker/Dockerfile-notification-service +++ b/docker/Dockerfile-notification-service @@ -17,17 +17,18 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH WORKDIR / COPY LICENSE NOTICE.md DEPENDENCIES / COPY src/ src/ WORKDIR /src/notifications/Notifications.Service RUN dotnet publish "Notifications.Service.csproj" -c Release -o /app/publish -FROM base AS final -ENV COMPlus_EnableDiagnostics=0 +FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine +ENV \ + COMPlus_EnableDiagnostics=0 \ + ASPNETCORE_URLS=http://+:8080 WORKDIR /app COPY --from=publish /app/publish . ENV ASPNETCORE_URLS http://+:8080 diff --git a/docker/Dockerfile-portal-migrations b/docker/Dockerfile-portal-migrations index 98ff6657bc..64f717e549 100644 --- a/docker/Dockerfile-portal-migrations +++ b/docker/Dockerfile-portal-migrations @@ -17,10 +17,8 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish -WORKDIR / +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH COPY LICENSE NOTICE.md DEPENDENCIES / COPY /src/portalbackend /src/portalbackend COPY /src/framework/Framework.DBAccess /src/framework/Framework.DBAccess @@ -34,7 +32,7 @@ COPY /src/processes/Processes.ProcessIdentity/ /src/processes/Processes.ProcessI WORKDIR /src/portalbackend/PortalBackend.Migrations RUN dotnet publish "PortalBackend.Migrations.csproj" -c Release -o /migrations/publish -FROM base AS final +FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine ENV COMPlus_EnableDiagnostics=0 WORKDIR /migrations COPY --from=publish /migrations/publish . diff --git a/docker/Dockerfile-processes-worker b/docker/Dockerfile-processes-worker index 47e1cb59c2..88c8a4b718 100644 --- a/docker/Dockerfile-processes-worker +++ b/docker/Dockerfile-processes-worker @@ -17,17 +17,15 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish -WORKDIR / +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH COPY LICENSE NOTICE.md DEPENDENCIES / COPY src/ src/ RUN dotnet restore "src/processes/Processes.Worker/Processes.Worker.csproj" WORKDIR /src/processes/Processes.Worker RUN dotnet publish "Processes.Worker.csproj" -c Release -o /app/publish -FROM base AS final +FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine ENV COMPlus_EnableDiagnostics=0 WORKDIR /app COPY --from=publish /app/publish . diff --git a/docker/Dockerfile-provisioning-migrations b/docker/Dockerfile-provisioning-migrations index dfbc26581c..ffa44ee1d9 100644 --- a/docker/Dockerfile-provisioning-migrations +++ b/docker/Dockerfile-provisioning-migrations @@ -17,10 +17,8 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish -WORKDIR / +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH COPY LICENSE NOTICE.md DEPENDENCIES / COPY /src/provisioning /src/provisioning COPY /src/framework/Framework.ErrorHandling /src/framework/Framework.ErrorHandling @@ -31,7 +29,7 @@ COPY /src/framework/Framework.Logging /src/framework/Framework.Logging WORKDIR /src/provisioning/Provisioning.Migrations RUN dotnet publish "Provisioning.Migrations.csproj" -c Release -o /migrations/publish -FROM base AS final +FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine ENV COMPlus_EnableDiagnostics=0 WORKDIR /migrations COPY --from=publish /migrations/publish . diff --git a/docker/Dockerfile-registration-service b/docker/Dockerfile-registration-service index 5e897bdaa8..b6cdbf2dfe 100644 --- a/docker/Dockerfile-registration-service +++ b/docker/Dockerfile-registration-service @@ -17,17 +17,18 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH WORKDIR / COPY LICENSE NOTICE.md DEPENDENCIES / COPY src/ src/ WORKDIR /src/registration/Registration.Service RUN dotnet publish "Registration.Service.csproj" -c Release -o /app/publish -FROM base AS final -ENV COMPlus_EnableDiagnostics=0 +FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine +ENV \ + COMPlus_EnableDiagnostics=0 \ + ASPNETCORE_URLS=http://+:8080 WORKDIR /app COPY --from=publish /app/publish . ENV ASPNETCORE_URLS http://+:8080 diff --git a/docker/Dockerfile-services-service b/docker/Dockerfile-services-service index 59a249d07e..38881f33b9 100644 --- a/docker/Dockerfile-services-service +++ b/docker/Dockerfile-services-service @@ -17,17 +17,18 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine AS base - -FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine-amd64 AS publish +FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS publish +ARG TARGETARCH WORKDIR / COPY LICENSE NOTICE.md DEPENDENCIES / COPY src/ src/ WORKDIR /src/marketplace/Services.Service RUN dotnet publish "Services.Service.csproj" -c Release -o /app/publish -FROM base AS final -ENV COMPlus_EnableDiagnostics=0 +FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine +ENV \ + COMPlus_EnableDiagnostics=0 \ + ASPNETCORE_URLS=http://+:8080 WORKDIR /app COPY --from=publish /app/publish . ENV ASPNETCORE_URLS http://+:8080