diff --git a/.drone/drone.yml b/.drone/drone.yml index 9da4d242b6..57b72a80ba 100644 --- a/.drone/drone.yml +++ b/.drone/drone.yml @@ -1,107 +1,5 @@ --- kind: pipeline -name: Create Linux build image -platform: - arch: amd64 - os: linux -steps: -- commands: - - export IMAGE_TAG=${DRONE_TAG##build-image/v} - - docker login -u $DOCKER_LOGIN -p $DOCKER_PASSWORD - - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - - docker buildx create --name multiarch --driver docker-container --use - - docker buildx build --build-arg="GO_RUNTIME=golang:1.22.1-bullseye" --push --platform - linux/amd64,linux/arm64 -t grafana/agent-build-image:$IMAGE_TAG ./tools/build-image - environment: - DOCKER_LOGIN: - from_secret: docker_login - DOCKER_PASSWORD: - from_secret: docker_password - image: docker - name: Build - volumes: - - name: docker - path: /var/run/docker.sock -trigger: - event: - - tag - ref: - - refs/tags/build-image/v* -type: docker -volumes: -- host: - path: /var/run/docker.sock - name: docker ---- -kind: pipeline -name: Create Linux build image for boringcrypto -platform: - arch: amd64 - os: linux -steps: -- commands: - - export IMAGE_TAG=${DRONE_TAG##build-image/v}-boringcrypto - - docker login -u $DOCKER_LOGIN -p $DOCKER_PASSWORD - - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - - docker buildx create --name multiarch --driver docker-container --use - - docker buildx build --build-arg="GO_RUNTIME=mcr.microsoft.com/oss/go/microsoft/golang:1.22.1-bullseye" - --push --platform linux/amd64,linux/arm64 -t grafana/agent-build-image:$IMAGE_TAG - ./tools/build-image - environment: - DOCKER_LOGIN: - from_secret: docker_login - DOCKER_PASSWORD: - from_secret: docker_password - image: docker - name: Build - volumes: - - name: docker - path: /var/run/docker.sock -trigger: - event: - - tag - ref: - - refs/tags/build-image/v* -type: docker -volumes: -- host: - path: /var/run/docker.sock - name: docker ---- -kind: pipeline -name: Create Windows build image -platform: - arch: amd64 - os: windows - version: "1809" -steps: -- commands: - - $IMAGE_TAG="${DRONE_TAG##build-image/v}-windows" - - docker login -u $Env:DOCKER_LOGIN -p $Env:DOCKER_PASSWORD - - docker build -t grafana/agent-build-image:$IMAGE_TAG ./tools/build-image/windows - - docker push grafana/agent-build-image:$IMAGE_TAG - environment: - DOCKER_LOGIN: - from_secret: docker_login - DOCKER_PASSWORD: - from_secret: docker_password - image: docker:windowsservercore-1809 - name: Build - volumes: - - name: docker - path: //./pipe/docker_engine/ -trigger: - event: - - tag - ref: - - refs/tags/build-image/v* -type: docker -volumes: -- host: - path: //./pipe/docker_engine/ - name: docker ---- -kind: pipeline name: Lint platform: arch: amd64 @@ -667,6 +565,6 @@ kind: secret name: updater_private_key --- kind: signature -hmac: ae8aa6e86fa343a51bd9001fe953154f8fe07c13982ee4b6aea5d56bd956d33f +hmac: 3484a2c2210641cb0e653616c7100ec52f49cb68c7f20647248de013e0da1826 ... diff --git a/.drone/pipelines/build_images.jsonnet b/.drone/pipelines/build_images.jsonnet index e5bdc9eb5a..98f5ecca2a 100644 --- a/.drone/pipelines/build_images.jsonnet +++ b/.drone/pipelines/build_images.jsonnet @@ -17,6 +17,10 @@ local locals = { }; [ + // TODO(rfratto): The following are temporarily diasbled as grafana/alloy + // gets set up. + + /* pipelines.linux('Create Linux build image') { trigger: locals.on_build_image_tag, steps: [{ @@ -88,4 +92,5 @@ local locals = { host: { path: '//./pipe/docker_engine/' }, }], }, + */ ] diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 983081c202..b88928fb2e 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -28,7 +28,7 @@ jobs: - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 with: - image-ref: 'grafana/alloy:main' + image-ref: 'us-docker.pkg.dev/grafanalabs-dev/docker-alloy-dev/alloy:latest' format: 'template' template: '@/contrib/sarif.tpl' output: 'trivy-results.sarif'