upgrade ks-jenkins to v4.1.0-2.346.3 #98

Summary
Jobs
- build
- trivy-scan
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/pull-request.yml at 2728ad3

	name: PR Check

	on:
	pull_request:
	branches:
	- master

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v1
	- name: Docker meta for kubesphere
	id: meta
	uses: docker/metadata-action@v3
	with:
	images: \|
	kubespheredev/ks-jenkins
	tags: \|
	type=schedule
	type=ref,event=branch
	type=ref,event=pr
	type=semver,pattern=v{{major}}.{{minor}}.{{patch}}
	- name: Cache
	uses: actions/[email protected]
	with:
	path: ~/.m2
	key: maven
	restore-keys: maven
	- name: Dependency
	run: \|
	wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2
	tar xvjf phantomjs-2.1.1-linux-x86_64.tar.bz2
	ls -ahl

	# v2.0-alpha-6 is a pre-release, jcli is not able to download it automatically.
	mkdir -p ~/.jenkins-cli
	curl https://github.com/LinuxSuRen/custom-war-packager/releases/download/v2.0-alpha-6/custom-war-packager-cli-2.0-alpha-7-20210527.031403-1-jar-with-dependencies.jar \
	-L --output ~/.jenkins-cli/cwp-cli.jar
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v1
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	- name: Build env
	id: build_env
	shell: bash
	run: \|
	echo "::set-output name=version::${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}"
	- name: Build
	shell: bash
	run: \|
	curl -L https://github.com/jenkins-zh/jenkins-cli/releases/latest/download/jcli-linux-amd64.tar.gz\|tar xzv
	export PATH=.:$PATH:phantomjs/bin

	jcli cwp --install-artifacts --config-path formula.yaml \
	--value-set output=load \
	--value-set tag=kubespheredev/ks-jenkins:v${{ steps.build_env.outputs.version }} \
	--value-set platform=linux/amd64
	trivy-scan:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v1
	- name: Docker meta for kubesphere
	id: meta
	uses: docker/metadata-action@v3
	with:
	images: \|
	kubespheredev/ks-jenkins
	tags: \|
	type=schedule
	type=ref,event=branch
	type=ref,event=pr
	type=semver,pattern=v{{major}}.{{minor}}.{{patch}}
	- name: Cache
	uses: actions/[email protected]
	with:
	path: ~/.m2
	key: maven
	restore-keys: maven
	- name: Dependency
	run: \|
	wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2
	tar xvjf phantomjs-2.1.1-linux-x86_64.tar.bz2
	ls -ahl

	# v2.0-alpha-6 is a pre-release, jcli is not able to download it automatically.
	mkdir -p ~/.jenkins-cli
	curl https://github.com/LinuxSuRen/custom-war-packager/releases/download/v2.0-alpha-6/custom-war-packager-cli-2.0-alpha-7-20210527.031403-1-jar-with-dependencies.jar \
	-L --output ~/.jenkins-cli/cwp-cli.jar
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v1
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	- name: Build env
	id: build_env
	shell: bash
	run: \|
	echo "::set-output name=version::${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}"
	- name: Build
	shell: bash
	run: \|
	curl -L https://github.com/jenkins-zh/jenkins-cli/releases/latest/download/jcli-linux-amd64.tar.gz\|tar xzv
	export PATH=.:$PATH:phantomjs/bin

	jcli cwp --install-artifacts --config-path formula.yaml \
	--value-set output=load \
	--value-set tag=kubespheredev/ks-jenkins:${{ steps.build_env.outputs.version }} \
	--value-set platform=linux/amd64
	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	env:
	TRIVY_OFFLINE_SCAN: true
	if: github.event_name == 'pull_request'
	with:
	image-ref: 'kubespheredev/ks-jenkins:${{ steps.build_env.outputs.version }}'
	timeout: 10m
	format: 'table'
	exit-code: '1'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'CRITICAL,HIGH'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

upgrade ks-jenkins to v4.1.0-2.346.3 #98

Workflow file

upgrade ks-jenkins to v4.1.0-2.346.3 #98

Jobs

Run details

Workflow file for this run