resolve conflicts

tenable · Oct 19, 2023 · 1b1e303 · 1b1e303
2 parents b517bc7 + 9e99f08
commit 1b1e303
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 41 deletions.
diff --git a/.github/workflows/gobuild.yml b/.github/workflows/gobuild.yml
@@ -17,25 +17,12 @@ jobs:
       AWS_REGION: ${{ secrets.AWS_REGION_TEST }}
       AZURE_AUTH_TEST_SECRET: ${{ secrets.AZURE_AUTH_TEST_KEY }}
       GOOGLE_APPLICATION_CREDENTIALS_TEST_SECRET: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_TEST_KEY }}
-      ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
     steps:
-      - name: check proxy 
-        run: docker info
-
-      - name: check
-        run: nslookup https://terrascan-test.artifactory.eng.tenable.com
-
-      - name: Login to Artifactory
-        run: docker login --username svc_terrascan --password ${{ secrets.ARTIFACTORY_API_TOKEN }}  https://docker-terrascan-local.artifactory.eng.tenable.com
-
-      - name: Pull Image
-        run:  docker pull docker-terrascan-local.artifactory.eng.tenable.com/tenb-cb:1.0.10.DEV231011191849-J-EPRT-TENB-CB-TENB-CB-CICD-5797-10
+      - name: Checkout Terrascan
+        uses: actions/checkout@v3
 
-      - name: Run scan
-        run: docker run -e JKN_USERNAME=${{ secrets.JKN_USERNAME }} -e JKN_PASSWORD=${{ secrets.JKN_PASSWORD }} -t docker-terrascan-local.artifactory.eng.tenable.com/tenb-cb:1.0.10.DEV231011191849-J-EPRT-TENB-CB-TENB-CB-CICD-5797-10 jobs execute-job  --credential-mode env -n teams-deleng-terraform -p deleng-terraform/Scratch/dockerhub-tester -d '{"APPID":"test"}' --cloudflare-access-secret ${{ secrets.CF_ACCESS_TOKEN }}:${{ secrets.CF_SECRET }}
-
       - name: Setup Go
-        uses: actions/setup-go@v1
+        uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -73,17 +60,21 @@ jobs:
     needs: validate
 
     runs-on: ubuntu-latest
-    if: github.event_name == 'push'
+    if: github.event_name == 'push' #&& github.ref == 'refs/heads/master'
 
     steps:
+      - name: Checkout Terrascan
+        uses: actions/checkout@v3
+
+      - uses: docker/setup-qemu-action@v2
+
       - name: Login to Artifactory
-        run: curl -u ${{ secrets.ARTIFACTORY_API_TOKEN }} -X POST https://artifactory.eng.tenable.com/artifactory/api/docker/auth
-
-      - name: Pull Docker Image
-        run: docker pull  docker-terracan-local.artifactory.eng.tenable.com/terrascan-test/tenb-cb:1.0.8.DEV230807225718-J-EPRT-TENB-CB-TENB-CB-CICD-5797-8/
-
-      - name: Logout from Artifactory
-        run: echo "Logout not necessary for API token-based authentication"
-
-      - name: Remove Docker Login Config
-        run: rm ~/.docker/config.json
+        run: docker login --username svc_terrascan --password ${{ secrets.ARTIFACTORY_API_TOKEN }}  https://docker-terrascan-local.artifactory.eng.tenable.com
+
+      - name: Pull Image
+        run:  docker pull docker-terrascan-local.artifactory.eng.tenable.com/tenb-cb:1.0.10.DEV231011191849-J-EPRT-TENB-CB-TENB-CB-CICD-5797-10
+
+      - name: Build and push Terrascan latest docker image
+        run: make docker-build-push-latest
+        env:
+          MULTIPLATFORM: true
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -13,11 +13,11 @@ jobs:
       GO_VERSION: 1.19
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Set up Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
       - name: Run GoReleaser
@@ -34,19 +34,20 @@ jobs:
 
     steps:
       - name: Checkout Terrascan
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
-      - name: Build Terrascan docker image
-        run: make docker-build
+      - uses: docker/setup-qemu-action@v2
 
       - name: Login to Docker Hub
         uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-      - name: Push Terrascan latest tag docker image
-        run: make docker-push-latest-tag
+      - name: Build and Push Terrascan latest tag docker image
+        run: make docker-build-push-latest-tag
+        env:
+          MULTIPLATFORM: true
 
       - name: Build terrascan_atlantis docker image
         run: make atlantis-docker-build

diff --git a/Makefile b/Makefile
@@ -108,12 +108,19 @@ install-kind:
 docker-build:
 	./scripts/docker-build.sh
 
+# build and push latest terrascan docker image
+docker-build-push-latest:
+	./scripts/docker-build.sh latest
+
+# build and push release tag terrascan docker image
+docker-build-push-latest-tag:
+	./scripts/docker-build.sh tag
+
 
 # push terrascan docker image
 docker-push:
 	./scripts/docker-push.sh
 
-
 # push latest terrascan docker image
 docker-push-latest:
 	./scripts/docker-push-latest.sh

diff --git a/build/Dockerfile b/build/Dockerfile
@@ -1,23 +1,20 @@
 # -------- builder stage -------- #
 FROM golang:alpine AS builder
 
-ARG GOOS_VAL=linux
-ARG GOARCH_VAL=amd64
-ARG CGO_ENABLED_VAL=1
+ARG CGO_ENABLED_VAL=0
 
 WORKDIR $GOPATH/src/terrascan
 
 # download go dependencies
 COPY go.mod go.sum ./
 RUN go mod download
-RUN apk add -U build-base
+RUN apk update && apk add --no-cache --update build-base git
 
 # copy terrascan source
 COPY . .
 
 # build binary
-RUN apk update && apk add git && \
-    CGO_ENABLED=${CGO_ENABLED_VAL} GOOS=${GOOS_VAL} GOARCH=${GOARCH_VAL} go build -v -ldflags "-w -s" -o /go/bin/terrascan ./cmd/terrascan
+RUN CGO_ENABLED=${CGO_ENABLED_VAL} go build -v -ldflags "-w -s" -o /go/bin/terrascan ./cmd/terrascan
 
 
 # -------- prod stage -------- #