Skip to content

Commit

Permalink
Enable SBOM/Provenance
Browse files Browse the repository at this point in the history
  • Loading branch information
@thespad
thespad committed Dec 2, 2024
1 parent c7f4980 commit 6796763
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 7 deletions.
12 changes: 6 additions & 6 deletions Jenkinsfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -341,7 +341,7 @@ pipeline {
echo "Starting Stage 2.5 - Update init diagram"
if ! grep -q 'init_diagram:' readme-vars.yml; then
echo "Adding the key 'init_diagram' to readme-vars.yml"
sed -i '\\|^#.*changelog.*$|d' readme-vars.yml
sed -i '\\|^#.*changelog.*$|d' readme-vars.yml
sed -i 's|^changelogs:|# init diagram\\ninit_diagram:\\n\\n# changelog\\nchangelogs:|' readme-vars.yml
fi
mkdir -p ${TEMPDIR}/d2
Expand Down Expand Up @@ -575,7 +575,7 @@ pipeline {
--label \"org.opencontainers.image.title=Radarr\" \
--label \"org.opencontainers.image.description=[Radarr](https://github.com/Radarr/Radarr) - A fork of Sonarr to work with movies à la Couchpotato. \" \
--no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \
--provenance=false --sbom=false --builder=container --load \
--provenance=true --sbom=true --builder=container --load \
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
sh '''#! /bin/bash
set -e
Expand Down Expand Up @@ -639,7 +639,7 @@ pipeline {
--label \"org.opencontainers.image.title=Radarr\" \
--label \"org.opencontainers.image.description=[Radarr](https://github.com/Radarr/Radarr) - A fork of Sonarr to work with movies à la Couchpotato. \" \
--no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \
--provenance=false --sbom=false --builder=container --load \
--provenance=true --sbom=true --builder=container --load \
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
sh '''#! /bin/bash
set -e
Expand Down Expand Up @@ -696,7 +696,7 @@ pipeline {
--label \"org.opencontainers.image.title=Radarr\" \
--label \"org.opencontainers.image.description=[Radarr](https://github.com/Radarr/Radarr) - A fork of Sonarr to work with movies à la Couchpotato. \" \
--no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \
--provenance=false --sbom=false --builder=container --load \
--provenance=true --sbom=true --builder=container --load \
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
sh '''#! /bin/bash
set -e
Expand Down Expand Up @@ -889,15 +889,15 @@ pipeline {
retry_backoff(5,5) {
sh '''#! /bin/bash
set -e
for PUSHIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
for PUSHIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
[[ ${PUSHIMAGE%%/*} =~ \\. ]] && PUSHIMAGEPLUS="${PUSHIMAGE}" || PUSHIMAGEPLUS="docker.io/${PUSHIMAGE}"
IFS=',' read -ra CACHE <<< "$BUILDCACHE"
for i in "${CACHE[@]}"; do
if [[ "${PUSHIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then
CACHEIMAGE=${i}
fi
done
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:nightly -t {PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:nightly -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
if [ -n "${SEMVER}" ]; then
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
fi
Expand Down
2 changes: 2 additions & 0 deletions jenkins-vars.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ custom_version_command: curl -sL https://radarr.servarr.com/v1/update/nightly/ch
release_type: prerelease
release_tag: nightly
ls_branch: nightly
image_sbom: true
image_provenance: true
repo_vars:
- BUILD_VERSION_ARG = 'RADARR_RELEASE'
- LS_USER = 'linuxserver'
Expand Down
2 changes: 1 addition & 1 deletion readme-vars.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ development_versions: true
development_versions_items:
- {tag: "latest", desc: "Stable Radarr releases"}
- {tag: "develop", desc: "Radarr releases from their develop branch"}
- {tag: "nightly", desc: "Nightly Radarr releases"}
- {tag: "nightly", desc: "Radarr releases from their nightly branch"}
# container parameters
param_container_name: "{{ project_name }}"
param_usage_include_vols: true
Expand Down

0 comments on commit 6796763

Please sign in to comment.