Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[CI] Add container build #804

Open
wants to merge 17 commits into
base: master
Choose a base branch
from
Open

[CI] Add container build #804

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
82ee154
⚡️ First shot
Renizmy Dec 5, 2024
8cedf2b
⚡️ First shot
Renizmy Dec 5, 2024
0876312
⚡️ First shot
Renizmy Dec 5, 2024
e6482c0
⚡️ First shot
Renizmy Dec 5, 2024
948e6e7
⚡️ First shot
Renizmy Dec 5, 2024
c5a0cee
⚡️ First shot
Renizmy Dec 5, 2024
ec976cc
⚡️ First shot
Renizmy Dec 5, 2024
a8d01ea
⚡️ First shot
Renizmy Dec 5, 2024
11083bd
⚡️ First shot
Renizmy Dec 5, 2024
11bc1cd
⚡️ First shot
Renizmy Dec 5, 2024
eb91ea8
⚡️ First shot
Renizmy Dec 5, 2024
8bef012
set target platform in builder
Renizmy Dec 21, 2024
4a3e04e
change base repo + change build container trigger
Renizmy Dec 21, 2024
cb10a9a
add python 3.11 build + app user + trivy scan
Renizmy Jan 9, 2025
dba084d
Add build steps
Renizmy Jan 9, 2025
ba3c65b
delete trivy + change workflow
Renizmy Jan 13, 2025
ff64127
change workflow
Renizmy Jan 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
75 changes: 68 additions & 7 deletions .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ version: 2.1
orbs:
slack: circleci/[email protected]
ms-teams: cloudradar-monitoring/[email protected]
env:
BASE_REPO: opencti
jobs:
ensure_formatting:
docker:
Expand Down Expand Up @@ -48,7 +50,57 @@ jobs:
- ms-teams/report:
only_on_fail: true
webhook_url: $MS_TEAMS_WEBHOOK_URL
build:
build-container-python-3-11:
docker:
- image: cimg/base:stable-20.04
steps:
- checkout
- setup_remote_docker
- run:
name: Build opencti/python-client-container
command: |
docker run --privileged --rm tonistiigi/binfmt --install all
CIRCLE_TAG=${CIRCLE_TAG:-nightly}
echo "CIRCLE_TAG=${CIRCLE_TAG}"
echo "$DOCKERHUB_PASS" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin
docker buildx create --platform linux/amd64,linux/arm64 --use --name mybuilder || true
docker buildx inspect mybuilder --bootstrap
docker buildx build . \
--platform linux/amd64,linux/arm64 \
-t ${{ env.BASE_REPO }}/client-python-3-11:${CIRCLE_TAG} \
-t ${{ env.BASE_REPO }}client-python-3-11:latest \
--build-arg BASE_IMAGE="python:3.11-alpine3.20"

- run:
name: Push image to regsitry
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you correct the naming ?

Suggested change
name: Push image to regsitry
name: Push image to registry

command: docker push ${{ env.BASE_REPO }}/client-python-3-11:latest --all-tags

build-container-python-3-12:
docker:
- image: cimg/base:stable-20.04
steps:
- checkout
- setup_remote_docker
- run:
name: Build opencti/python-client
command: |
docker run --privileged --rm tonistiigi/binfmt --install all
CIRCLE_TAG=${CIRCLE_TAG:-nightly}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Renizmy Thank you for this PR, could you explain this ? What is the purpose of CIRCLE_TAG:-nightly ?

echo "CIRCLE_TAG=${CIRCLE_TAG}"
echo "$DOCKERHUB_PASS" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin
docker buildx create --platform linux/amd64,linux/arm64 --use --name mybuilder || true
docker buildx inspect mybuilder --bootstrap
docker buildx build . \
--platform linux/amd64,linux/arm64 \
-t ${{ env.BASE_REPO }}/client-python-3-12:${CIRCLE_TAG} \
-t ${{ env.BASE_REPO }}/client-python-3-12:latest \
--build-arg BASE_IMAGE="python:3.12-alpine3.20"

- run:
name: Push image to regsitry
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you correct the naming ?

Suggested change
name: Push image to regsitry
name: Push image to registry

command: docker push ${{ env.BASE_REPO }}/client-python-3-12:latest --all-tags

build-library:
working_directory: ~/opencti-client
docker:
- image: cimg/python:3.12
Expand Down Expand Up @@ -144,26 +196,35 @@ workflows:
filters:
tags:
only: /.*/
- build:
- build-container-python-3-11:
requires:
- build-library
filters:
tags:
only: /[0-9]+(\.[0-9]+)+(\.[0-9]+)?\.?(\w)*/
- build-container-python-3-12:
requires:
- build-library
filters:
tags:
only: /[0-9]+(\.[0-9]+)+(\.[0-9]+)?\.?(\w)*/
- build-library:
filters:
tags:
only: /[0-9]+(\.[0-9]+)+(\.[0-9]+)?\.?(\w)*/
branches:
ignore: /.*/
requires:
- ensure_formatting
- linter
- deploy:
requires:
- build
- build-library
filters:
tags:
only: /[0-9]+(\.[0-9]+)+(\.[0-9]+)?\.?(\w)*/
branches:
ignore: /.*/
- notify_rolling:
requires:
- build
- build-library
- notify:
requires:
- deploy
Expand Down
13 changes: 13 additions & 0 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
ARG BASE_IMAGE="python:3.12-alpine3.20"
FROM ${BASE_IMAGE}

# Install Python modules
# hadolint ignore=DL3003
COPY ./requirements.txt /opt/requirements.txt

RUN apk --no-cache add git build-base libmagic libffi-dev && \
pip3 install --no-cache-dir -r /opt/requirements.txt && \
apk del git build-base && rm /opt/requirements.txt

RUN adduser -D -g '' app
USER app