@@ -67,100 +67,102 @@ jobs:
6767 id-token : write
6868 pull-requests : write
6969 outputs :
70- jar_version : ${{ steps.update_version.outputs.new_version }}
71- docker_version : ${{ steps.meta.outputs.version }}
72- image_tag : ${{ steps.update_version.outputs.image_tag }}
73- tags : ${{ steps.meta.outputs.tags }}
74- is_release : ${{ steps.update_version.outputs.is_release }}
70+ jar_version : 5.49.9-alpha-224-SNAPSHOT
71+ docker_version : 5.49.9-alpha-224-SNAPSHOT-azure-cc
72+ image_tag : 5.49.9-alpha-224-SNAPSHOT-azure-cc
73+ tags : ghcr.io/iabtechlab/uid2-operator:5.49.9-alpha-224-SNAPSHOT-azure-cc
74+ is_release : false
7575 steps :
76- - name : Update Operator Version
77- id : update_version
78- uses : IABTechLab/uid2-operator/.github/actions/update_operator_version@main
79- with :
80- release_type : ${{ inputs.release_type }}
81- version_number_input : ${{ inputs.version_number_input }}
82- image_tag_suffix : ${{ env.ENCLAVE_PROTOCOL }}
83- commit_sha : ${{ inputs.commit_sha }}
84-
85- - name : Set up JDK
86- uses : actions/setup-java@v4
87- with :
88- distribution : ' temurin'
89- java-version : ' 21'
90-
91- - name : Package JAR
92- id : package
93- run : |
94- mvn -B package -P ${{ env.MAVEN_PROFILE }}
95- echo "jar_version=$(mvn help:evaluate -Dexpression=project.version | grep -e '^[1-9][^\[]')" >> $GITHUB_OUTPUT
96- echo "git_commit=$(git show --format="%h" --no-patch)" >> $GITHUB_OUTPUT
97- cp -r target ${{ env.DOCKER_CONTEXT_PATH }}/
98- cp scripts/confidential_compute.py ${{ env.DOCKER_CONTEXT_PATH }}/
99-
100- - name : Log in to the Docker container registry
101- uses : docker/login-action@v3
102- with :
103- registry : ${{ env.REGISTRY }}
104- username : ${{ github.actor }}
105- password : ${{ secrets.GITHUB_TOKEN }}
106-
107- - name : Extract metadata (tags, labels) for Docker
108- id : meta
109- uses : docker/metadata-action@v5
110- with :
111- images : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
112- tags : |
113- type=raw,value=${{ steps.update_version.outputs.image_tag }}
114-
115- - name : Build and export to Docker
116- uses : docker/build-push-action@v5
117- with :
118- context : ${{ env.DOCKER_CONTEXT_PATH }}
119- load : true
120- tags : ${{ steps.meta.outputs.tags }}
121- labels : ${{ steps.meta.outputs.labels }}
122- build-args : |
123- JAR_VERSION=${{ steps.update_version.outputs.new_version }}
124- IMAGE_VERSION=${{ steps.update_version.outputs.new_version }}
125- BUILD_TARGET=${{ env.ENCLAVE_PROTOCOL }}
126-
127- - name : Generate Trivy vulnerability scan report
128- uses : aquasecurity/trivy-action@0.14.0
129- with :
130- image-ref : ${{ steps.meta.outputs.tags }}
131- format : ' sarif'
132- exit-code : ' 0'
133- ignore-unfixed : true
134- severity : ' CRITICAL,HIGH'
135- output : ' trivy-results.sarif'
136- hide-progress : true
137-
138- - name : Upload Trivy scan report to GitHub Security tab
139- uses : github/codeql-action/upload-sarif@v3
140- with :
141- sarif_file : ' trivy-results.sarif'
142-
143- - name : Test with Trivy vulnerability scanner
144- uses : aquasecurity/trivy-action@0.14.0
145- with :
146- image-ref : ${{ steps.meta.outputs.tags }}
147- format : ' table'
148- exit-code : ' 1'
149- ignore-unfixed : true
150- severity : ${{ inputs.vulnerability_severity }}
151- hide-progress : true
152-
153- - name : Push to Docker
154- id : push-to-docker
155- uses : docker/build-push-action@v5
156- with :
157- context : ${{ env.DOCKER_CONTEXT_PATH }}
158- push : true
159- tags : ${{ steps.meta.outputs.tags }}
160- labels : ${{ steps.meta.outputs.labels }}
161- build-args : |
162- JAR_VERSION=${{ steps.update_version.outputs.new_version }}
163- IMAGE_VERSION=${{ steps.update_version.outputs.new_version }}
76+ - name : Noop
77+ run : ech noop
78+ # - name: Update Operator Version
79+ # id: update_version
80+ # uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@main
81+ # with:
82+ # release_type: ${{ inputs.release_type }}
83+ # version_number_input: ${{ inputs.version_number_input }}
84+ # image_tag_suffix: ${{ env.ENCLAVE_PROTOCOL }}
85+ # commit_sha: ${{ inputs.commit_sha }}
86+
87+ # - name: Set up JDK
88+ # uses: actions/setup-java@v4
89+ # with:
90+ # distribution: 'temurin'
91+ # java-version: '21'
92+
93+ # - name: Package JAR
94+ # id: package
95+ # run: |
96+ # mvn -B package -P ${{ env.MAVEN_PROFILE }}
97+ # echo "jar_version=$(mvn help:evaluate -Dexpression=project.version | grep -e '^[1-9][^\[]')" >> $GITHUB_OUTPUT
98+ # echo "git_commit=$(git show --format="%h" --no-patch)" >> $GITHUB_OUTPUT
99+ # cp -r target ${{ env.DOCKER_CONTEXT_PATH }}/
100+ # cp scripts/confidential_compute.py ${{ env.DOCKER_CONTEXT_PATH }}/
101+
102+ # - name: Log in to the Docker container registry
103+ # uses: docker/login-action@v3
104+ # with:
105+ # registry: ${{ env.REGISTRY }}
106+ # username: ${{ github.actor }}
107+ # password: ${{ secrets.GITHUB_TOKEN }}
108+
109+ # - name: Extract metadata (tags, labels) for Docker
110+ # id: meta
111+ # uses: docker/metadata-action@v5
112+ # with:
113+ # images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
114+ # tags: |
115+ # type=raw,value=${{ steps.update_version.outputs.image_tag }}
116+
117+ # - name: Build and export to Docker
118+ # uses: docker/build-push-action@v5
119+ # with:
120+ # context: ${{ env.DOCKER_CONTEXT_PATH }}
121+ # load: true
122+ # tags: ${{ steps.meta.outputs.tags }}
123+ # labels: ${{ steps.meta.outputs.labels }}
124+ # build-args: |
125+ # JAR_VERSION=${{ steps.update_version.outputs.new_version }}
126+ # IMAGE_VERSION=${{ steps.update_version.outputs.new_version }}
127+ # BUILD_TARGET=${{ env.ENCLAVE_PROTOCOL }}
128+
129+ # - name: Generate Trivy vulnerability scan report
130+ # uses: aquasecurity/trivy-action@0.14.0
131+ # with:
132+ # image-ref: ${{ steps.meta.outputs.tags }}
133+ # format: 'sarif'
134+ # exit-code: '0'
135+ # ignore-unfixed: true
136+ # severity: 'CRITICAL,HIGH'
137+ # output: 'trivy-results.sarif'
138+ # hide-progress: true
139+
140+ # - name: Upload Trivy scan report to GitHub Security tab
141+ # uses: github/codeql-action/upload-sarif@v3
142+ # with:
143+ # sarif_file: 'trivy-results.sarif'
144+
145+ # - name: Test with Trivy vulnerability scanner
146+ # uses: aquasecurity/trivy-action@0.14.0
147+ # with:
148+ # image-ref: ${{ steps.meta.outputs.tags }}
149+ # format: 'table'
150+ # exit-code: '1'
151+ # ignore-unfixed: true
152+ # severity: ${{ inputs.vulnerability_severity }}
153+ # hide-progress: true
154+
155+ # - name: Push to Docker
156+ # id: push-to-docker
157+ # uses: docker/build-push-action@v5
158+ # with:
159+ # context: ${{ env.DOCKER_CONTEXT_PATH }}
160+ # push: true
161+ # tags: ${{ steps.meta.outputs.tags }}
162+ # labels: ${{ steps.meta.outputs.labels }}
163+ # build-args: |
164+ # JAR_VERSION=${{ steps.update_version.outputs.new_version }}
165+ # IMAGE_VERSION=${{ steps.update_version.outputs.new_version }}
164166
165167 azureCc :
166168 name : Azure CC
@@ -230,11 +232,11 @@ jobs:
230232 ${{ env.ARTIFACTS_OUTPUT_DIR }}/uid2-operator-deployment-artifacts-${{ needs.buildImage.outputs.jar_version }}.zip
231233 ${{ env.MANIFEST_OUTPUT_DIR }}/azure-cc-operator-digest-${{ needs.buildImage.outputs.jar_version }}.txt
232234
233- e2e :
234- name : E2E
235- uses : ./.github/workflows/run-e2e-tests-on-operator.yaml
236- needs : [buildImage, azureCc]
237- with :
238- operator_type : azure
239- operator_image_version : ${{ needs.buildImage.outputs.image_tag }}
240- secrets : inherit
235+ # e2e:
236+ # name: E2E
237+ # uses: ./.github/workflows/run-e2e-tests-on-operator.yaml
238+ # needs: [buildImage, azureCc]
239+ # with:
240+ # operator_type: azure
241+ # operator_image_version: ${{ needs.buildImage.outputs.image_tag }}
242+ # secrets: inherit
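Review bot: With every build step commented out, the job's `outputs` (new lines 70–74) are pinned to the literal tag `5.49.9-alpha-224-SNAPSHOT-azure-cc`. Downstream references such as `needs.buildImage.outputs.jar_version` therefore resolve to a fixed value, and whatever image already carries that tag is used without the Trivy gate (`exit-code: '1'`) or the E2E job having run in this workflow. The only remaining step, `run: ech noop`, looks like a typo for `run: echo noop` and would presumably fail the job with a command-not-found error. The context lines still grant `id-token: write` and `pull-requests: write`, which a no-op step does not need; the job header is outside the hunk, so confirm the scope and drop them if this state is kept. If this is a temporary debugging change, say so at the top of the steps with a comment such as `# TEMPORARY: build, Trivy scan and E2E disabled for debugging; restore before merge`, rather than leaving the commented-out blocks unexplained.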