Comment jobs related to GitHub Worker images, as CodeTotal is not act…

…ively maintained + Make gitpod job failure not blocking (#4242) * Comment jobs related to GitHub Worker images, as CodeTotal is not actively maintained * Make gitpod workflow not blocking until uv install is fixed
oxsecurity · Nov 10, 2024 · df3d6c0 · df3d6c0
1 parent e1a9f2a
commit df3d6c0
Show file tree

Hide file tree

Showing 12 changed files with 171 additions and 188 deletions.
diff --git a/.github/workflows/deploy-ALPHA-flavors.yml b/.github/workflows/deploy-ALPHA-flavors.yml
@@ -110,40 +110,38 @@ jobs:
             BUILD_DATE=${{ env.BUILD_DATE }}
             BUILD_REVISION=${{ github.sha }}
             BUILD_VERSION=alpha
-            --squash  # Enable image squashing to produce a single-layer image
           load: false
           push: true
           secrets: |
             GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
           tags: |
             ghcr.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha
 
-      - name: Build Worker Image
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: Dockerfile-worker
-          platforms: linux/amd64
-          build-args: |
-            MEGALINTER_BASE_IMAGE=ghcr.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha
-            BUILD_DATE=${{ env.BUILD_DATE }}
-            BUILD_REVISION=${{ github.sha }}
-            BUILD_VERSION=alpha
-            --squash  # Enable image squashing to produce a single-layer image
-          load: false
-          push: true
-          secrets: |
-            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
-          tags: |
-            ghcr.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha
+      # - name: Build Worker Image
+      #   uses: docker/build-push-action@v6
+      #   with:
+      #     context: .
+      #     file: Dockerfile-worker
+      #     platforms: linux/amd64
+      #     build-args: |
+      #       MEGALINTER_BASE_IMAGE=ghcr.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha
+      #       BUILD_DATE=${{ env.BUILD_DATE }}
+      #       BUILD_REVISION=${{ github.sha }}
+      #       BUILD_VERSION=alpha
+      #     load: false
+      #     push: true
+      #     secrets: |
+      #       GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+      #     tags: |
+      #       ghcr.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha
 
       ##############################################
       # Check Docker image security with Trivy #
       ##############################################
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: 'ghcr.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha'
+          image-ref: ghcr.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha
           format: 'table'
           exit-code: '1'
           ignore-unfixed: true

diff --git a/.github/workflows/deploy-ALPHA.yml b/.github/workflows/deploy-ALPHA.yml
@@ -99,7 +99,6 @@ jobs:
             BUILD_DATE=${{ env.BUILD_DATE }}
             BUILD_REVISION=${{ github.sha }}
             BUILD_VERSION=alpha
-            --squash  # Enable image squashing to produce a single-layer image
           load: false
           push: true
           secrets: |
@@ -118,7 +117,6 @@ jobs:
             BUILD_DATE=${{ env.BUILD_DATE }}
             BUILD_REVISION=${{ github.sha }}
             BUILD_VERSION=alpha
-            --squash  # Enable image squashing to produce a single-layer image
           load: false
           push: true
           secrets: |
@@ -127,21 +125,20 @@ jobs:
             ghcr.io/oxsecurity/megalinter:alpha
           # ghcr.io/oxsecurity/megalinter:alpha-${{ github.sha }}
 
-      - name: Build & Push Worker Docker Image
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: Dockerfile-worker
-          platforms: linux/amd64
-          build-args: |
-            MEGALINTER_BASE_IMAGE=ghcr.io/oxsecurity/megalinter:alpha
-            BUILD_DATE=${{ env.BUILD_DATE }}
-            BUILD_REVISION=${{ github.sha }}
-            BUILD_VERSION=alpha
-            --squash  # Enable image squashing to produce a single-layer image
-          load: false
-          push: true
-          secrets: |
-            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
-          tags: |
-            ghcr.io/oxsecurity/megalinter-worker:alpha
+      # - name: Build & Push Worker Docker Image
+      #   uses: docker/build-push-action@v6
+      #   with:
+      #     context: .
+      #     file: Dockerfile-worker
+      #     platforms: linux/amd64
+      #     build-args: |
+      #       MEGALINTER_BASE_IMAGE=ghcr.io/oxsecurity/megalinter:alpha
+      #       BUILD_DATE=${{ env.BUILD_DATE }}
+      #       BUILD_REVISION=${{ github.sha }}
+      #       BUILD_VERSION=alpha
+      #     load: false
+      #     push: true
+      #     secrets: |
+      #       GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+      #     tags: |
+      #       ghcr.io/oxsecurity/megalinter-worker:alpha
diff --git a/.github/workflows/deploy-BETA-flavors.yml b/.github/workflows/deploy-BETA-flavors.yml
@@ -127,17 +127,17 @@ jobs:
           tags: |
             type=raw,value=
 
-      - name: Docker Metadata action (Worker Docker Hub)
-        uses: docker/[email protected]
-        id: meta-w-dhub
-        with:
-          images: |
-            name=docker.io/${{ github.repository }}-worker-${{ matrix.flavor }}
-          flavor: |
-            latest=false
-            prefix=beta
-          tags: |
-            type=raw,value=
+      # - name: Docker Metadata action (Worker Docker Hub)
+      #   uses: docker/[email protected]
+      #   id: meta-w-dhub
+      #   with:
+      #     images: |
+      #       name=docker.io/${{ github.repository }}-worker-${{ matrix.flavor }}
+      #     flavor: |
+      #       latest=false
+      #       prefix=beta
+      #     tags: |
+      #       type=raw,value=
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
@@ -170,7 +170,6 @@ jobs:
             BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
             BUILD_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
             BUILD_REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
           load: false
           push: ${{ github.event_name != 'pull_request' }}
           secrets: |
@@ -183,29 +182,28 @@ jobs:
           workflow: mirror-docker-image.yml
           inputs: '{ "source-image": "${{ steps.meta.outputs.tags }}", "target-image": "${{ steps.meta-dhub.outputs.tags }}" }'
 
-      - name: Build Worker Image
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: Dockerfile-worker
-          platforms: linux/amd64
-          build-args: |
-            MEGALINTER_BASE_IMAGE=${{ fromJson(steps.meta-w.outputs.json).tags[0]}}
-            BUILD_DATE=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.created'] }}
-            BUILD_VERSION=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.version'] }}
-            BUILD_REVISION=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
-          load: false
-          push: ${{ github.event_name != 'pull_request' }}
-          secrets: |
-            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
-          tags: ${{ steps.meta-w.outputs.tags }}
-
-      - name: Invoke Mirror docker image workflow (Main image)
-        uses: benc-uk/workflow-dispatch@v1
-        with:
-          workflow: mirror-docker-image.yml
-          inputs: '{ "source-image": "${{ steps.meta-w.outputs.tags }}", "target-image": "${{ steps.meta-w-dhub.outputs.tags }}" }'
+      # - name: Build Worker Image
+      #   uses: docker/build-push-action@v6
+      #   with:
+      #     context: .
+      #     file: Dockerfile-worker
+      #     platforms: linux/amd64
+      #     build-args: |
+      #       MEGALINTER_BASE_IMAGE=${{ fromJson(steps.meta-w.outputs.json).tags[0]}}
+      #       BUILD_DATE=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.created'] }}
+      #       BUILD_VERSION=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.version'] }}
+      #       BUILD_REVISION=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.revision'] }}
+      #     load: false
+      #     push: ${{ github.event_name != 'pull_request' }}
+      #     secrets: |
+      #       GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+      #     tags: ${{ steps.meta-w.outputs.tags }}
+
+      # - name: Invoke Mirror docker image workflow (Main image)
+      #   uses: benc-uk/workflow-dispatch@v1
+      #   with:
+      #     workflow: mirror-docker-image.yml
+      #     inputs: '{ "source-image": "${{ steps.meta-w.outputs.tags }}", "target-image": "${{ steps.meta-w-dhub.outputs.tags }}" }'
 
       ##############################################
       # Check Docker image security with Trivy #

diff --git a/.github/workflows/deploy-BETA-linters.yml b/.github/workflows/deploy-BETA-linters.yml
@@ -243,7 +243,6 @@ jobs:
             BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
             BUILD_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
             BUILD_REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
           load: false
           push: ${{ github.event_name != 'pull_request' }}
           secrets: |
@@ -277,7 +276,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: "${{ fromJson(steps.meta-dhub.outputs.json).tags[0]}}"
+          image-ref: "${{ fromJson(steps.meta.outputs.json).tags[0]}}"
           format: "table"
           exit-code: "1"
           ignore-unfixed: true

diff --git a/.github/workflows/deploy-BETA.yml b/.github/workflows/deploy-BETA.yml
@@ -116,14 +116,14 @@ jobs:
           tags: |
             type=raw,value=beta
 
-      - name: Docker Metadata action (Worker)
-        uses: docker/[email protected]
-        id: meta-w
-        with:
-          images: |
-            name=ghcr.io/${{ github.repository }}-worker
-          tags: |
-            type=raw,value=beta
+      # - name: Docker Metadata action (Worker)
+      #   uses: docker/[email protected]
+      #   id: meta-w
+      #   with:
+      #     images: |
+      #       name=ghcr.io/${{ github.repository }}-worker
+      #     tags: |
+      #       type=raw,value=beta
 
       - name: Docker Metadata action (Worker Server)
         uses: docker/[email protected]
@@ -157,7 +157,6 @@ jobs:
             BUILD_DATE=${{ fromJSON(steps.meta-s.outputs.json).labels['org.opencontainers.image.created'] }}
             BUILD_VERSION=${{ fromJSON(steps.meta-s.outputs.json).labels['org.opencontainers.image.version'] }}
             BUILD_REVISION=${{ fromJSON(steps.meta-s.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
           load: false
           push: ${{ github.event_name != 'pull_request' }}
           secrets: |
@@ -180,7 +179,6 @@ jobs:
             BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
             BUILD_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
             BUILD_REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
           load: false
           push: ${{ github.event_name != 'pull_request' }}
           secrets: |
@@ -193,29 +191,28 @@ jobs:
           workflow: mirror-docker-image.yml
           inputs: '{ "source-image": "${{ steps.meta.outputs.tags }}", "target-image": "${{ steps.meta-dhub.outputs.tags }}" }'
 
-      - name: Build & Push Docker Worker Image
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: Dockerfile-worker
-          platforms: linux/amd64
-          build-args: |
-            MEGALINTER_BASE_IMAGE=${{ fromJson(steps.meta-w.outputs.json).tags[0]}}
-            BUILD_DATE=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.created'] }}
-            BUILD_VERSION=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.version'] }}
-            BUILD_REVISION=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
-          load: false
-          push: ${{ github.event_name != 'pull_request' }}
-          secrets: |
-            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
-          tags: ${{ steps.meta-w.outputs.tags }}
-
-      - name: Invoke Mirror docker image workflow (Worker image)
-        uses: benc-uk/workflow-dispatch@v1
-        with:
-          workflow: mirror-docker-image.yml
-          inputs: '{ "source-image": "${{ steps.meta-w.outputs.tags }}", "target-image": "${{ steps.meta-w-dhub.outputs.tags }}" }'
+      # - name: Build & Push Docker Worker Image
+      #   uses: docker/build-push-action@v6
+      #   with:
+      #     context: .
+      #     file: Dockerfile-worker
+      #     platforms: linux/amd64
+      #     build-args: |
+      #       MEGALINTER_BASE_IMAGE=${{ fromJson(steps.meta-w.outputs.json).tags[0]}}
+      #       BUILD_DATE=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.created'] }}
+      #       BUILD_VERSION=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.version'] }}
+      #       BUILD_REVISION=${{ fromJSON(steps.meta-w.outputs.json).labels['org.opencontainers.image.revision'] }}
+      #     load: false
+      #     push: ${{ github.event_name != 'pull_request' }}
+      #     secrets: |
+      #       GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+      #     tags: ${{ steps.meta-w.outputs.tags }}
+
+      # - name: Invoke Mirror docker image workflow (Worker image)
+      #   uses: benc-uk/workflow-dispatch@v1
+      #   with:
+      #     workflow: mirror-docker-image.yml
+      #     inputs: '{ "source-image": "${{ steps.meta-w.outputs.tags }}", "target-image": "${{ steps.meta-w-dhub.outputs.tags }}" }'
 
       # ###############################
       # # Run tests for code coverage #
@@ -234,7 +231,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: "${{ steps.meta-dhub.outputs.tags }}"
+          image-ref: "${{ steps.meta.outputs.tags }}"
           format: 'table'
           exit-code: '1'
           ignore-unfixed: true

diff --git a/.github/workflows/deploy-DEV-linters.yml b/.github/workflows/deploy-DEV-linters.yml
@@ -198,7 +198,6 @@ jobs:
             BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
             BUILD_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
             BUILD_REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
           load: true
           push: false
           secrets: |

diff --git a/.github/workflows/deploy-DEV.yml b/.github/workflows/deploy-DEV.yml
@@ -92,7 +92,6 @@ jobs:
             BUILD_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
             BUILD_REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
             MEGA_LINTER_BASE_IMAGE="oxsecurity/megalinter:beta"
-            --squash  # Enable image squashing to produce a single-layer image
           load: true
           push: false
           secrets: |
@@ -121,7 +120,6 @@ jobs:
             BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
             BUILD_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
             BUILD_REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
           load: true
           push: false
           secrets: |
@@ -149,7 +147,6 @@ jobs:
             BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
             BUILD_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
             BUILD_REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
-            --squash  # Enable image squashing to produce a single-layer image
           load: true
           push: false
           secrets: |