Skip to content

Commit 6fb0973

Browse files
Thaddeus Letnesmav-intel
Thaddeus Letnes
authored and
mav-intel
committed
Fix and extend release testing
1 parent ba84aa0 commit 6fb0973

File tree

17 files changed

+234
-79
lines changed

17 files changed

+234
-79
lines changed

.github/workflows/check.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -160,6 +160,16 @@ jobs:
160160
if: always() && runner.os == 'Linux'
161161
run: sudo rm -rf ..?* .[!.]* *
162162

163+
hadolint:
164+
name: Hadolint
165+
uses: ./.github/workflows/hadolint.yaml
166+
secrets: inherit
167+
168+
trivy:
169+
name: Trivy
170+
uses: ./.github/workflows/trivy.yaml
171+
secrets: inherit
172+
163173
build:
164174
name: Build
165175
strategy:
@@ -340,6 +350,8 @@ jobs:
340350
required:
341351
name: required
342352
needs:
353+
- trivy
354+
- hadolint
343355
- lint
344356
- build
345357
- linux-distro-support

.github/workflows/hadolint.yaml

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,78 @@
1+
name: Hadolint
2+
run-name: Hadolint (Triggered by ${{ github.event_name }} by @${{ github.actor }})
3+
on:
4+
workflow_call:
5+
6+
jobs:
7+
scan:
8+
runs-on: [self-hosted, linux, docker]
9+
steps:
10+
- name: Cleanup workspace
11+
run: sudo rm -rf ..?* .[!.]* *
12+
13+
- name: Checkout dispatcher source
14+
uses: actions/checkout@v3
15+
with:
16+
path: source
17+
18+
- name: Pull docker image
19+
run: docker pull hadolint/hadolint
20+
21+
- name: Lint
22+
run: |
23+
mkdir artifact
24+
echo "Hadolint Report" > artifact/hadolint.txt
25+
walk_dir () {
26+
shopt -s nullglob dotglob
27+
28+
for pathname in "$1"/*; do
29+
retVal=0
30+
if [ -d "$pathname" ]; then
31+
walk_dir "$pathname" || retVal=$?
32+
if [ $retVal -ne 0 ]; then
33+
RC=$retVal
34+
fi
35+
else
36+
case "$pathname" in
37+
*Dockerfile*|*dockerfile*)
38+
echo "Checking $pathname"
39+
echo "" >> artifact/hadolint.txt
40+
echo " $pathname" >> artifact/hadolint.txt
41+
echo "----------" >> artifact/hadolint.txt
42+
docker run --rm \
43+
-i --attach stderr --attach stdout \
44+
-v $(pwd)/source:/source \
45+
-w /source \
46+
hadolint/hadolint < $pathname 2>&1 >> artifact/hadolint.txt || retVal=$?
47+
if [ $retVal -ne 0 ]; then
48+
RC=$retVal
49+
fi
50+
esac
51+
fi
52+
done
53+
return $RC
54+
}
55+
walk_dir "$(pwd)/source"
56+
57+
- name: Summarize
58+
if: (failure())
59+
run: |
60+
echo '```' >> $GITHUB_STEP_SUMMARY
61+
cat artifact/hadolint.txt >> $GITHUB_STEP_SUMMARY
62+
echo '```' >> $GITHUB_STEP_SUMMARY
63+
64+
- name: Report
65+
if: (success() || failure())
66+
run: |
67+
cat artifact/hadolint.txt
68+
69+
- name: Record Artifacts
70+
uses: actions/upload-artifact@v3
71+
if: (success() || failure())
72+
with:
73+
name: hadolint
74+
path: artifact/*
75+
76+
- name: Cleanup workspace
77+
if: always() && runner.os == 'Linux'
78+
run: sudo rm -rf ..?* .[!.]* *

.github/workflows/linux-distro-test.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -94,15 +94,15 @@ jobs:
9494
if: success() || failure()
9595
run: |
9696
DISTRO=${{ inputs.DISTRO_FAMILY }}${{ inputs.DISTRO_VERSION }}
97-
mkdir $DISTRO
98-
sudo cp -r tests/logs/. $DISTRO
97+
mkdir -p artifact/distro-$DISTRO
98+
sudo cp -r tests/logs/. artifact/distro-$DISTRO
9999
100100
- name: Upload test results
101101
uses: actions/upload-artifact@v3
102102
if: success() || failure()
103103
with:
104104
name: distro-${{ inputs.DISTRO_FAMILY }}${{ inputs.DISTRO_VERSION }}
105-
path: ${{ inputs.DISTRO_FAMILY }}${{ inputs.DISTRO_VERSION }}
105+
path: artifact
106106

107107
- name: Cleanup workspace (Linux)
108108
if: always() && runner.os == 'Linux'

.github/workflows/trivy.yaml

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
name: Trivy
2+
run-name: Trivy (Triggered by ${{ github.event_name }} by @${{ github.actor }})
3+
on:
4+
workflow_call:
5+
6+
jobs:
7+
scan:
8+
runs-on: [self-hosted, linux, docker]
9+
steps:
10+
- name: Cleanup workspace
11+
run: sudo rm -rf ..?* .[!.]* *
12+
13+
- name: Checkout dispatcher source
14+
uses: actions/checkout@v3
15+
with:
16+
path: source
17+
18+
- name: Pull docker image
19+
run: docker pull aquasec/trivy:0.47.0
20+
21+
- name: Scan
22+
run: |
23+
mkdir artifact
24+
echo "Trivy Report" > artifact/trivy.txt
25+
docker run \
26+
-v /var/run/docker.sock:/var/run/docker.sock \
27+
-v $HOME/Library/Caches:/root/.cache/ \
28+
-v $(pwd):/work \
29+
-w /work \
30+
--attach stderr --attach stdout \
31+
aquasec/trivy:0.47.0 \
32+
fs . 2>&1 >> artifact/trivy.txt
33+
34+
- name: Summarize
35+
if: (failure())
36+
run: |
37+
echo '```' >> $GITHUB_STEP_SUMMARY
38+
cat artifact/trivy.txt >> $GITHUB_STEP_SUMMARY
39+
echo '```' >> $GITHUB_STEP_SUMMARY
40+
41+
- name: Report
42+
if: (success() || failure())
43+
run: |
44+
cat artifact/trivy.txt
45+
46+
- name: Record Artifacts
47+
uses: actions/upload-artifact@v3
48+
if: (success() || failure())
49+
with:
50+
name: Trivy
51+
path: artifact/*
52+
53+
- name: Cleanup workspace
54+
if: always() && runner.os == 'Linux'
55+
run: sudo rm -rf ..?* .[!.]* *

.hadolint.yaml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
ignored:
2+
- DL3006
3+
- DL3008
4+
- DL3013
5+
- DL3016
6+
- DL3018
7+
- DL3028
8+
9+
trustedRegistries:
10+
- docker.io
11+
- gcr.io

examples/api1x_core/legacy-decode/docker/Dockerfile

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,12 @@ ARG DEBIAN_FRONTEND=noninteractive
33

44

55
#Install Graphics runtime package
6-
RUN apt update && \
7-
apt install --no-install-recommends -q -y gnupg wget software-properties-common && \
8-
wget https://repositories.intel.com/graphics/intel-graphics.key && \
6+
RUN apt-get update && \
7+
apt-get install --no-install-recommends -q -y gnupg wget software-properties-common && \
8+
wget --no-verbose https://repositories.intel.com/graphics/intel-graphics.key && \
99
apt-key add intel-graphics.key && \
1010
apt-add-repository 'deb [arch=amd64] https://repositories.intel.com/graphics/ubuntu focal main' && \
11-
apt update && \
12-
apt install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13-
apt install -y cmake build-essential pkg-config
14-
11+
apt-get update && \
12+
apt-get install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13+
apt-get install --no-install-recommends -q -y cmake build-essential pkg-config && rm -rf /var/lib/apt/lists/*
1514

examples/api1x_core/legacy-encode/docker/Dockerfile

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,12 @@ ARG DEBIAN_FRONTEND=noninteractive
33

44

55
#Install Graphics runtime package
6-
RUN apt update && \
7-
apt install --no-install-recommends -q -y gnupg wget software-properties-common && \
8-
wget https://repositories.intel.com/graphics/intel-graphics.key && \
6+
RUN apt-get update && \
7+
apt-get install --no-install-recommends -q -y gnupg wget software-properties-common && \
8+
wget --no-verbose https://repositories.intel.com/graphics/intel-graphics.key && \
99
apt-key add intel-graphics.key && \
1010
apt-add-repository 'deb [arch=amd64] https://repositories.intel.com/graphics/ubuntu focal main' && \
11-
apt update && \
12-
apt install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13-
apt install -y cmake build-essential pkg-config
14-
11+
apt-get update && \
12+
apt-get install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13+
apt-get install --no-install-recommends -q -y cmake build-essential pkg-config && rm -rf /var/lib/apt/lists/*
1514

examples/api1x_core/legacy-vpp/docker/Dockerfile

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,13 @@ ARG DEBIAN_FRONTEND=noninteractive
33

44

55
#Install Graphics runtime package
6-
RUN apt update && \
7-
apt install --no-install-recommends -q -y gnupg wget software-properties-common && \
8-
wget https://repositories.intel.com/graphics/intel-graphics.key && \
6+
RUN apt-get update && \
7+
apt-get install --no-install-recommends -q -y gnupg wget software-properties-common && \
8+
wget --no-verbose https://repositories.intel.com/graphics/intel-graphics.key && \
99
apt-key add intel-graphics.key && \
1010
apt-add-repository 'deb [arch=amd64] https://repositories.intel.com/graphics/ubuntu focal main' && \
11-
apt update && \
12-
apt install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13-
apt install -y cmake build-essential pkg-config
14-
11+
apt-get update && \
12+
apt-get install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13+
apt-get install --no-install-recommends -q -y cmake build-essential pkg-config && rm -rf /var/lib/apt/lists/*
14+
1515

examples/api2x/hello-decode/docker/Dockerfile

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,12 @@ ARG DEBIAN_FRONTEND=noninteractive
33

44

55
#Install Graphics runtime package
6-
RUN apt update && \
7-
apt install --no-install-recommends -q -y gnupg wget software-properties-common && \
8-
wget https://repositories.intel.com/graphics/intel-graphics.key && \
6+
RUN apt-get update && \
7+
apt-get install --no-install-recommends -q -y gnupg wget software-properties-common && \
8+
wget --no-verbose https://repositories.intel.com/graphics/intel-graphics.key && \
99
apt-key add intel-graphics.key && \
1010
apt-add-repository 'deb [arch=amd64] https://repositories.intel.com/graphics/ubuntu focal main' && \
11-
apt update && \
12-
apt install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13-
apt install -y cmake build-essential pkg-config
14-
11+
apt-get update && \
12+
apt-get install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13+
apt-get install --no-install-recommends -q -y cmake build-essential pkg-config && rm -rf /var/lib/apt/lists/*
1514

examples/api2x/hello-decvpp/docker/Dockerfile

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,12 @@ ARG DEBIAN_FRONTEND=noninteractive
33

44

55
#Install Graphics runtime package
6-
RUN apt update && \
7-
apt install --no-install-recommends -q -y gnupg wget software-properties-common && \
8-
wget https://repositories.intel.com/graphics/intel-graphics.key && \
6+
RUN apt-get update && \
7+
apt-get install --no-install-recommends -q -y gnupg wget software-properties-common && \
8+
wget --no-verbose https://repositories.intel.com/graphics/intel-graphics.key && \
99
apt-key add intel-graphics.key && \
1010
apt-add-repository 'deb [arch=amd64] https://repositories.intel.com/graphics/ubuntu focal main' && \
11-
apt update && \
12-
apt install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13-
apt install -y cmake build-essential pkg-config
14-
11+
apt-get update && \
12+
apt-get install --no-install-recommends -q -y libmfxgen1 intel-media-va-driver-non-free libmfx1 libva-dev libva-drm2 vainfo && \
13+
apt-get install --no-install-recommends -q -y cmake build-essential pkg-config && rm -rf /var/lib/apt/lists/*
1514

0 commit comments

Comments
 (0)