Skip to content

fix: custom/hardened-alpine/infra/Dockerfile to reduce vulnerabilitie… #74

fix: custom/hardened-alpine/infra/Dockerfile to reduce vulnerabilitie…

fix: custom/hardened-alpine/infra/Dockerfile to reduce vulnerabilitie… #74

Workflow file for this run

---
name: push-pipeline
on:
push:
branches:
- master
defaults:
run:
shell: bash
env:
DNAME: ${{ secrets.DNAME }}
DPASS: ${{ secrets.DPASS }}
jobs:
shell-checker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: checking syntax of shell script
run: bash -c 'shopt -s globstar nullglob; shellcheck **/*.{sh,ksh,bash}' || true
changes:
runs-on: ubuntu-latest
# Set job outputs to values from filter step
# this is done to run the selective jobs based on the code change
outputs:
kafka-deployer: ${{ steps.filter.outputs.kafka-deployer }}
forkbomb: ${{ steps.filter.outputs.forkbomb }}
fio: ${{ steps.filter.outputs.fio }}
mysql-client: ${{ steps.filter.outputs.mysql-client }}
sysbench-client: ${{ steps.filter.outputs.sysbench-client }}
tpcc-client: ${{ steps.filter.outputs.tpcc-client }}
stress-ng: ${{ steps.filter.outputs.stress-ng }}
mongo-client: ${{ steps.filter.outputs.mongo-client }}
postgres-client: ${{ steps.filter.outputs.postgres-client }}
custom-client: ${{ steps.filter.outputs.custom-client }}
logger: ${{ steps.filter.outputs.logger }}
dd-client: ${{ steps.filter.outputs.dd-client }}
memleak: ${{ steps.filter.outputs.memleak }}
elasticsearch-stress: ${{ steps.filter.outputs.elasticsearch-stress }}
kafka-client: ${{ steps.filter.outputs.kafka-client }}
memory-stress: ${{ steps.filter.outputs.memory-stress }}
nfs-client: ${{ steps.filter.outputs.nfs-client }}
cassandra-client: ${{ steps.filter.outputs.cassandra-client }}
litmus-app-deployer: ${{ steps.filter.outputs.litmus-app-deployer }}
litmus-qps-cmd: ${{ steps.filter.outputs.litmus-qps-cmd }}
pod-delete: ${{ steps.filter.outputs.pod-delete }}
pod-delete-helper: ${{ steps.filter.outputs.pod-delete-helper }}
container-killer: ${{ steps.filter.outputs.container-killer }}
container-kill-helper: ${{ steps.filter.outputs.pod-delete }}
litmus-git-app-checker: ${{ steps.filter.outputs.litmus-git-app-checker }}
litmus-k8s: ${{ steps.filter.outputs.litmus-k8s }}
litmus-curl: ${{ steps.filter.outputs.litmus-curl }}
litmus-checker: ${{ steps.filter.outputs.litmus-checker }}
litmus-argocli: ${{ steps.filter.outputs.litmus-argocli }}
workflow-controller: ${{ steps.filter.outputs.workflow-controller }}
argoexec: ${{ steps.filter.outputs.argoexec }}
mongo: ${{ steps.filter.outputs.mongo }}
litmus-pg-load: ${{ steps.filter.outputs.litmus-pg-load }}
litmus-pg-jmeter: ${{ steps.filter.outputs.litmus-pg-jmeter }}
litmus-experiment-hardened-alpine: ${{ steps.filter.outputs.litmus-experiment-hardened-alpine }}
litmus-infra-hardened-alpine: ${{ steps.filter.outputs.litmus-infra-hardened-alpine }}
mongo-utils: ${{ steps.filter.outputs.mongo-utils }}
litmusctl: ${{ steps.filter.outputs.litmusctl }}
litmus-redis-load: ${{ steps.filter.outputs.litmus-redis-load }}
litmus-helm-agent: ${{ steps.filter.outputs.litmus-helm-agent }}
steps:
- uses: actions/checkout@v2
- uses: dorny/paths-filter@v2
id: filter
with:
filters: |
forkbomb:
- 'resource_stress/forkbomb/**'
fio:
- 'io_tools/fio/**'
mysql-client:
- 'app_clients/mysql-client/**'
sysbench-client:
- 'io_tools/sysbench/**'
tpcc-client:
- 'io_tools/tpcc/**'
stress-ng:
- 'resource_stress/stress-ng/**'
mongo-client:
- 'app_clients/mongo-client/**'
postgres-client:
- 'app_clients/postgres-client/**'
custom-client:
- 'custom/custom-client/**'
litmus-checker:
- 'custom/litmus-checker/**'
litmus-experiment-hardened-alpine:
- 'custom/hardened-alpine/experiment/**'
litmus-infra-hardened-alpine:
- 'custom/hardened-alpine/infra/**'
logger:
- 'log_utils/logger/**'
dd-client:
- 'io_tools/dd/**'
memleak:
- 'resource_stress/memleak/**'
elasticsearch-stress:
- 'app_clients/elasticsearch-stress/**'
kafka-client:
- 'app_clients/kafka-client/**'
nfs-client:
- 'app_clients/nfs-client/**'
cassandra-client:
- 'app_clients/cassandra-client/**'
litmus-app-deployer:
- 'custom/workflow-helper/app-deployer/**'
litmus-qps-cmd:
- 'custom/workflow-helper/app-qps-test/**'
pod-delete:
- 'experiments/pod-delete/**'
pod-delete-helper:
- 'experiments/generic/pod-delete/**'
container-killer:
- 'containerd/crictl/**'
container-kill-helper:
- 'experiments/generic/container-kill/**'
litmus-git-app-checker:
- 'custom/workflow-helper/app-checker/**'
litmus-k8s:
- 'custom/k8s/**'
litmus-curl:
- 'custom/curl/**'
litmus-argocli:
- 'custom/argo-server/**'
workflow-controller:
- 'custom/argo-workflow-controller/**'
argoexec:
- 'custom/argo-workflow-executor/**'
mongo:
- 'custom/mongo/**'
kafka-deployer:
- 'custom/app-setup/kafka/**'
litmus-pg-load:
- 'custom/workflow-helper/postgres-helper/load-test/**'
litmus-pg-jmeter:
- 'custom/workflow-helper/postgres-helper/jmeter/**'
mongo-utils:
- 'custom/mongo-utils/**'
litmusctl:
- 'custom/litmusctl/**'
litmus-redis-load:
- 'custom/workflow-helper/redis-helper/load-gen/**'
litmus-helm-agent:
- 'custom/litmus-helm-agent/**'
litmus-app-deployer:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-app-deployer == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push litmus-app-deployer image
run: |
make docker.buildx
make _push_litmus_app_deployer
litmus-qps-cmd:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-qps-cmd == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push litmus-qps-cmd image
run: |
make docker.buildx
make _push_litmus_qps_cmd
litmus-checker:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-checker == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push litmus-checker image
run: |
make docker.buildx
make _push_litmus_checker
litmus-infra-hardened-alpine:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-infra-hardened-alpine == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Building litmus-infra-hardened-alpine image
run: |
make docker.buildx
make _push_litmus_infra_hardened_alpine
litmus-experiment-hardened-alpine:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-experiment-hardened-alpine == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Building litmus-experiment-hardened-alpine image
run: |
make docker.buildx
make _push_litmus_experiment_hardened_alpine
litmus-git-app-checker:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-git-app-checker == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push litmus-git-app-checker image
run: |
make docker.buildx
make _push_litmus_git_app_checker
litmus-k8s:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-k8s == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push litmus-k8s image
run: |
make docker.buildx
make _push_litmus_k8s
litmus-curl:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-curl == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push litmus-curl image
run: |
make docker.buildx
make _push_litmus_curl
kafka-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.kafka-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push kafka-client image
run: make kafka-client
cassandra-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.cassandra-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push cassandra-client image
run: make cassandra-client
litmus-argocli:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-argocli == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push litmus-argocli image
run: |
make docker.buildx
make _push_litmus_argocli
litmus-argo-workflow-controller:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.workflow-controller == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push workflow-controller image
run: |
make docker.buildx
make _push_litmus_argo_workflow_controller
litmus-argo-workflow-executor:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.argoexec == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push argoexec image
run: |
make docker.buildx
make _push_litmus_argo_workflow_executor
mongo:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.mongo == 'true'
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Build and Push mongo image
run: |
make docker.buildx
make _push_litmus_mongo
kafka-deployer:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.kafka-deployer == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push kafka-deployer image
run: make litmus-kafka-deployer
mysql-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.mysql-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push mysql-client image
run: make mysql-client
sysbench-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.sysbench-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push sysbench-client image
run: make sysbench
tpcc-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.tpcc-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push tpcc-client image
run: make tpcc
stress-ng:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.stress-ng == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push stress-ng image
run: make stress-ng
mongo-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.mongo-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push mongo-client image
run: make mongo-client
postgres-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.postgres-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push postgres-client image
run: make postgres-client
custom-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.custom-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push custom-client image
run: make custom-client
logger:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.logger == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push logger image
run: make logger
dd-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.dd-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push dd-client image
run: make dd
memleak:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.memleak == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push memleak image
run: make memleak
elasticsearch-stress:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.elasticsearch-stress == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push elasticsearch-stress image
run: make elasticsearch-stress
memory-stress:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.memory-stress == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push memory-stress image
run: make memory-stress
nfs-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.nfs-client == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push nfs-client image
run: make nfs-client
pod-delete:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.pod-delete == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push pod-delete image
run: make pod-delete
pod-delete-helper:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.pod-delete-helper == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push pod-delete-helper image
run: make pod-delete-go
container-killer:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.container-killer == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push container-killer image
run: make container-killer
container-kill-helper:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.container-kill-helper == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push container-kill-helper image
run: make container-kill-go
forkbomb:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.forkbomb == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push forkbomb image
run: make forkbomb
fio:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.fio == 'true'
steps:
- uses: actions/checkout@v2
- name: Build and Push fio image
run: make fio
litmus-pg-load:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-pg-load == 'true'
steps:
- uses: actions/checkout@v2
- name: Building litmus-pg-load image
run: |
make docker.buildx
make _push_litmus_pg_load
litmus-pg-jmeter:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-pg-jmeter == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-pg-jmeter image
run: |
make docker.buildx
make _push_litmus_pg_jmeter
mongo-utils:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.mongo-utils == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building mongo-utils image
run: |
make docker.buildx
make _push_litmus_mongo_utils
litmusctl:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmusctl == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmusctl image
run: |
make docker.buildx
make _push_litmusctl
litmus-redis-load:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-redis-load == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-redis-load image
run: |
make docker.buildx
make _push_litmus_redis_load
litmus-helm-agent:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-helm-agent == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-helm-agent image
run: |
make docker.buildx
make _push_litmus_helm_agent