Skip to content

dbld: install sudo package into RHEL based docker images #1434

dbld: install sudo package into RHEL based docker images

dbld: install sudo package into RHEL based docker images #1434

name: CI @ AxoSyslog image
on:
pull_request:
push:
jobs:
tarball:
runs-on: ubuntu-latest
outputs:
snapshot-version: ${{ steps.snapshot-version.outputs.SNAPSHOT_VERSION }}
steps:
- name: Checkout AxoSyslog source
uses: actions/checkout@v4
- name: Prepare docker image
run: ./dbld/rules cache-image-tarball
- name: Create source tarball
run: ./dbld/rules pkg-tarball
- name: Determine snapshot version
id: snapshot-version
run: |
tarball_filename="$(find dbld/build -name '*.tar.*' -printf '%f\n')"
tarball_name="${tarball_filename/\.tar.*}"
tarball_version="${tarball_name/axosyslog-}"
pkg_version="$(echo $tarball_version | sed -E 's|(([0-9]+\.){2}[0-9]+).*|\1|')_git$(date +%Y%m%d)"
echo "SNAPSHOT_VERSION=${pkg_version}" >> $GITHUB_OUTPUT
- name: Store source tarball as artifact
uses: actions/upload-artifact@v4
with:
name: source-tarball
path: dbld/build/*.tar.gz
build-and-test:
runs-on: ubuntu-latest
needs: tarball
steps:
- name: Checkout AxoSyslog source
uses: actions/checkout@v4
- name: Download source tarball artifact
uses: actions/download-artifact@v4
with:
name: source-tarball
path: docker/apkbuild/axoflow/axosyslog
- name: Build Docker image
uses: docker/build-push-action@v5
with:
context: docker
file: docker/alpine.dockerfile
load: true
tags: axosyslog:test
build-args: |
PKG_TYPE=snapshot
SNAPSHOT_VERSION=${{ needs.tarball.outputs.snapshot-version }}
- name: Smoke test
run: |
export SYSLOG_NG_IMAGE="axosyslog:test"
export SYSLOG_NG_VERSION="${{ needs.tarball.outputs.snapshot-version }}"
docker/tests/smoke.sh
- name: Scan docker image on CVEs
uses: aquasecurity/trivy-action@master
with:
image-ref: 'axosyslog:test'
format: 'table'
exit-code: '1'
severity: 'CRITICAL,HIGH,MEDIUM,LOW'
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:1