Commit Graph

10 Commits

Author SHA1 Message Date
pasta
e10c5c9579
Merge #6160: feat: add sbom and provenance in release for dockerhub; use jammy; apt remove as possible
9178e8a75f feat: add smob and provenance in release for dockerhub; use jammy; apt remove as possible (pasta)

Pull request description:

  ## Issue being fixed or feature implemented
  Docker provenance refers to the origin and history of Docker images, including how they were built, modified, and by whom. An SBOM (Software Bill of Materials) is a detailed list of all components in a software application, providing transparency about libraries, dependencies, and versions used, which is crucial for security and compliance.

  ## What was done?
  Add SBOM and provenance to docker build; this may allow some level of validation that GitHub actions is actually doing what it says it is.

  See this for more information https://docs.docker.com/build/ci/github-actions/attestations/

  ## How Has This Been Tested?
  Building with buildx with sbom and provenance flags locally

  ## Breaking Changes
  None

  ## Checklist:
    _Go over all the following points, and put an `x` in all the boxes that apply._
  - [x] I have performed a self-review of my own code
  - [ ] I have commented my code, particularly in hard-to-understand areas
  - [ ] I have added or updated relevant unit/integration/functional/e2e tests
  - [ ] I have made corresponding changes to the documentation
  - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_

ACKs for top commit:
  UdjinM6:
    utACK 9178e8a75f

Tree-SHA512: 6e3f35a0b30f002e2d5d80d6dd18ee554a1c15c62c1d4cbe1185f38977f55a199998515cf5bb9a027670f068f3d56ef33faa062d8c4122a886375d00afe6bf2f
2024-08-01 09:28:46 -05:00
PastaPastaPasta
3855f9775e
chore: do not include dash-qt in the docker images (#5775)
## Issue being fixed or feature implemented
Remove dash-qt from docker images; save ~41MB

## What was done?


## How Has This Been Tested?
Hasn't

## Breaking Changes
I guess in theory someone could've been relying on dash-qt from docker 🤷

## Checklist:
_Go over all the following points, and put an `x` in all the boxes that
apply._
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e
tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository
code-owners and collaborators only)_
2023-12-21 21:59:01 -06:00
PastaPastaPasta
2099a5c2e5
fix: use proper GitHub.repository and add an echo for testing (#5757)
## Issue being fixed or feature implemented


## What was done?
Add an echo

## How Has This Been Tested?

## Breaking Changes
None

## Checklist:
_Go over all the following points, and put an `x` in all the boxes that
apply._
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e
tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository
code-owners and collaborators only)_
2023-12-06 12:24:12 -06:00
UdjinM6
1d9991fe24
fix: pass GITHUB_REPOSITORY into Dockerfile.GitHubActions.Release (#5724)
## Issue being fixed or feature implemented
Should hopefully fix
https://github.com/dashpay/dash-dev-branches/actions/runs/6939402277/job/18876687119

#5716 follow-up

## What was done?
`$GITHUB_REPOSITORY` is not available inside docker, pass it inside

## How Has This Been Tested?

## Breaking Changes
n/a

## Checklist:
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e
tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository
code-owners and collaborators only)_
2023-11-24 11:23:10 -06:00
PastaPastaPasta
1908f51baa
ci: change Dockerfile.GitHubActions.Release to use local repo and not always dashpay/dash (#5716)
## Issue being fixed or feature implemented
In order to provide nightly builds over at dash-dev-branches we need to
be able to run this automation with other REPOs

## What was done?
Make it repo specific.

## How Has This Been Tested?
Hasn't yet

## Breaking Changes
None

## Checklist:
_Go over all the following points, and put an `x` in all the boxes that
apply._
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e
tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository
code-owners and collaborators only)_
2023-11-20 22:15:07 -06:00
Kittywhiskers Van Gogh
8b054d49c7 ci: harmonize parent images, use focal consistently 2023-05-11 09:18:48 -05:00
Kittywhiskers Van Gogh
6699b0228f
docker: fix gitian support, optimize container layer count and improve script consistency (#4983)
* contrib: set the working directory to /src/dash to allow for cloning gitian dependencies

* contrib: place the home directory inside /home instead of root

* contrib: add notes about sharing ccache across the network

* contrib: chown based on the (u/g)id env vars instead of the associated username

* contrib: reduce layer count by reducing run invocations

* contrib: develop container cleanup and maintenance

- add apt-cacher-ng, gpg, lsb-release, screen as a package dependencies
- reorder packages in alphabetical order
- correct documentation
- create and add user to the docker group to satisfy Gitian's needs
- reduce the number of RUN calls to reduce layer count
2022-08-22 22:42:36 +03:00
strophy
ff2f768114
ci: fix docker context (#4816) 2022-04-28 11:35:50 -05:00
ktechmidas
712f60dd21
Fix: Use github workspace for building image (#4775)
* Fix: Use github workspace for building image

* Fix: Ensure correct dir for docker-entrypoint.sh
2022-04-19 09:11:04 +03:00
strophy
1fddc53f53
ci: build on-demand docker images for testing on devnets (#4667)
* ci: build alpha action

* ci: use self-hosted runner

* ci: build faster

* ci: multicore dash build

* chore: copy build, dockerize and push

* chore: dockerize build

* chore: remove unnecessary cachedir and checkout steps

* chore: disable qemu

* chore: remove buildx steps now included in AMI

* chore: move binaries in to place for second stage copy

* fix: runner using incorrect build driver

* chore: debug builder info

* chore: more detailed debug

* chore: install qemu and buildx in actions

* fix: indentation

* fix: remove debug code

* feat: multi-arch cross-compiling dockerfile

* chore: remove unnecessary docker layers

* chore: add debug output

* chore: dump context

* fix: use event inputs tag for docker_meta

* chore: dump context again

* fix: context reference syntax

* feat: attempt to use gitian builder

* chore: ff changes from other branches

* chore: disable macOS build

* Revert "chore: ff changes from other branches"

This reverts commit daece1c505.

* chore: restore GHA changes to fix incorrect merge

* chore: remove duplicate code

* chore: bump buildx version to latest

* chore: try to build without signing

* chore: setup tmate to find build

* chore: run tmate on failure

* fix: invalid path to binaries on copy

* chore: remove unnecessary GPG steps

* chore: replace strophy with dashpay

* fix: gha cache not providing speedup

* Update .github/workflows/release_alpha.yml

Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
2022-04-03 17:24:06 -05:00