-
Notifications
You must be signed in to change notification settings - Fork 182
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Travis - Multiarch Builds, Autopublish on Docker-Hub and Security Scan with trivy #70
Add Travis - Multiarch Builds, Autopublish on Docker-Hub and Security Scan with trivy #70
Conversation
Add oidc group support
Helm Chart added
…tter api for validating tokens. Added some server logging at startup to help track down issues.
nodeport yaml provided and readme updated for faster up-and-running option
…ndling and messaging. Improved logging on the server. Better proxy handling on server (changeOrigin)
Fix parsing disk space / ram
A lot of charts work
…ush latest & commit-tag
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a ton for this! I left a handful of questions/comments, but it looks really good :)
@@ -0,0 +1,33 @@ | |||
language: generic |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've not tried using travis-ci w/ an open source project before, but I absolutely love that you've added this :)
Is there anything that will needs to be configured at travis-ci.com to make this work?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes you need to generate an API-Token on Docker Hub and add that to the Travis Project via the HUB_TOKEN Environment Variable and you also need to set HUB_USER to your accoutname.
See here:
https://docs.travis-ci.com/user/environment-variables/#defining-variables-in-repository-settings
Afterwards Travis will publish it automatically on Docker Hub after each commit.
Btw. I only used it once myself but I loved the idea of being able to work remotely on my Chromebook and Travis doing the heavy duty for me (not just testing) so I gave it a go.
Guess I'll do that more often from now on, since I like the result. :) ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, I kinda love this idea :)
However, I need a bit to get this all wired up. It also makes for multiple large and only semi related changes in the PR. How would you feel about pulling the travis.yml
file out into a separate PR? Everything else LGTM and I'd love to be able to merge it asap.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, sorry. One other comment on your last comment above. I currently have it configured so DockerHub watches GitHub for changes and automatically does this build there. I think that's the same thing you were going for via Travis. Any advantages to moving that build out of DockerHub and into Travis?
@herbrandson fixes should be done |
- docker buildx build ./ --platform=linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/amd64,linux/i386 -t ${HUB_REPO}:${COMMIT} -t ${HUB_REPO}:latest --push | ||
- docker save -o docker_images/images.tar $(docker images -a -q) | ||
- export VERSION=$(curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') | ||
- wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-64bit.tar.gz |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just curious... any reason you're using wget here and curl above?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Copy & Paste from the individual snippets :))
Hey @thiscantbeserious I just wanted to apologize for how long it's taken to get this PR merged. Thank you so much for your patience. I REALLY appreciate all the effort you've put into this and am excited to get it merged :) |
@herbrandson no worries. No need to hurry here. I'm testing in the meantime, also have quite a busy life myself. I noticed some additional comments via email but I cant find any of them here (mobile view). Did you remove them or did you leave them in another place? |
From #43
Changelog in a nutshell:
This will require you to setup a free Travis account on https://travis-ci.com/ and setup the repositories settings for k8dash by adding the Environment Variables:
I strongly recommend not to use your personal password for HUB_TOKEN but really generate a Token in your Account (pretty easy) - see also here: https://docs.docker.com/docker-hub/access-tokens/
That should be all. The current functionality of the PR can be verified on my master repo:
https://github.com/thiscantbeserious/k8dash
Also Docker Hub:
https://hub.docker.com/r/youcantbeserious/multiarch-k8dash/tags
And Travis log:
https://travis-ci.com/thiscantbeserious/k8dash/builds/149216396