Merge pull request #54 from afdesk/chore/common-config

chore: TESTing common config
afdesk · Jun 14, 2023 · 1c2b0bd · 1c2b0bd
2 parents bc9513f + 2fec112
commit 1c2b0bd
Show file tree

Hide file tree

Showing 5 changed files with 72 additions and 65 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -48,6 +48,8 @@ jobs:
           git config --global user.name "Teppei Fukuda"
 
       - name: Create rpm repository
+        env:
+          GH_USER: ${{ github.repository_owner }}
         run: ci/deploy-rpm.sh
 
       - name: Import GPG key

diff --git a/.github/workflows/reusable-release.yaml b/.github/workflows/reusable-release.yaml
@@ -12,9 +12,6 @@ on:
         required: false
         type: string
 
-env:
-  GH_USER: "aqua-bot"
-
 jobs:
   release:
     name: Release
@@ -49,7 +46,7 @@ jobs:
         uses: docker/login-action@v2
         with:
           registry: ghcr.io
-          username: ${{ env.GH_USER }}
+          username: ${{ vars.GH_PUSHER }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Login to ECR
@@ -87,6 +84,9 @@ jobs:
           version: v1.16.2
           args: release -f=${{ inputs.goreleaser_config}} ${{ inputs.goreleaser_options}}
         env:
+          GH_USER: ${{ vars.GHCR_USER }}
+          AWS_USER: ${{ vars.AWS_ALIAS }}
+          DOCKER_USER: ${{ secrets.DOCKERHUB_USER }}
           GITHUB_TOKEN: ${{ secrets.ORG_REPO_TOKEN }}
           NFPM_DEFAULT_RPM_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
           GPG_FILE: "gpg.key"
@@ -107,9 +107,9 @@ jobs:
           context: .
           push: true
           tags: |
-            aquasec/trivy:canary
-            ghcr.io/aquasecurity/trivy:canary
-            public.ecr.aws/aquasecurity/trivy:canary
+            ${{ secrets.DOCKERHUB_USER }}/trivy:canary
+            ghcr.io/${{ vars.GHCR_USER }}/trivy:canary
+            public.ecr.aws/${{ env.AWS_ALIAS }}/trivy:canary
 
       - name: Cache Trivy binaries
         uses: actions/cache@v3.3.1

diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -178,3 +178,8 @@ jobs:
       with:
         version: v1.16.2
         args: build --snapshot --clean --timeout 90m ${{ steps.goreleaser_id.outputs.id }}
+      env:
+        GH_USER: ${{ vars.GHCR_USER }}
+        AWS_USER: ${{ vars.AWS_ALIAS }}
+        DOCKER_USER: ${{ secrets.DOCKERHUB_USER }}
+        GPG_FILE: "nogpg.key"
diff --git a/ci/deploy-rpm.sh b/ci/deploy-rpm.sh
@@ -16,7 +16,7 @@ function create_common_rpm_repo () {
 
                 mkdir -p $rpm_path/$arch
                 cp ../dist/*${prefix}.rpm ${rpm_path}/$arch/
-                createrepo_c -u https://github.com/aquasecurity/trivy/releases/download/ --location-prefix="v"$TRIVY_VERSION --update $rpm_path/$arch
+                createrepo_c -u https://github.com/$GH_USER/trivy/releases/download/ --location-prefix="v"$TRIVY_VERSION --update $rpm_path/$arch
                 rm ${rpm_path}/$arch/*${prefix}.rpm
         done
 }
@@ -28,7 +28,7 @@ function create_rpm_repo () {
         mkdir -p $rpm_path
         cp ../dist/*64bit.rpm ${rpm_path}/
 
-        createrepo_c -u https://github.com/aquasecurity/trivy/releases/download/ --location-prefix="v"$TRIVY_VERSION --update $rpm_path
+        createrepo_c -u https://github.com/$GH_USER/trivy/releases/download/ --location-prefix="v"$TRIVY_VERSION --update $rpm_path
 
         rm ${rpm_path}/*64bit.rpm
 }

diff --git a/goreleaser.yml b/goreleaser.yml
@@ -128,21 +128,21 @@ archives:
 brews:
   -
     tap:
-      owner: aquasecurity
+      owner: "{{ .Env.GH_USER }}"
       name: homebrew-trivy
-    homepage: "https://github.com/aquasecurity/trivy"
+    homepage: "https://github.com/{{ .Env.GH_USER }}/trivy"
     description: "Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues"
     test: |
       system "#{bin}/trivy", "--version"
 
 dockers:
   - image_templates:
-      - "docker.io/aquasec/trivy:{{ .Version }}-amd64"
-      - "docker.io/aquasec/trivy:latest-amd64"
-      - "ghcr.io/aquasecurity/trivy:{{ .Version }}-amd64"
-      - "ghcr.io/aquasecurity/trivy:latest-amd64"
-      - "public.ecr.aws/aquasecurity/trivy:latest-amd64"
-      - "public.ecr.aws/aquasecurity/trivy:{{ .Version }}-amd64"
+      - "docker.io/{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-amd64"
+      - "docker.io/{{ .Env.DOCKER_USER }}/trivy:latest-amd64"
+      - "ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-amd64"
+      - "ghcr.io/{{ .Env.GH_USER }}/trivy:latest-amd64"
+      - "public.ecr.aws/{{ .Env.AWS_USER }}/trivy:latest-amd64"
+      - "public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-amd64"
     use: buildx
     goos: linux
     goarch: amd64
@@ -162,12 +162,12 @@ dockers:
     extra_files:
     - contrib/
   - image_templates:
-      - "docker.io/aquasec/trivy:{{ .Version }}-arm64"
-      - "docker.io/aquasec/trivy:latest-arm64"
-      - "ghcr.io/aquasecurity/trivy:{{ .Version }}-arm64"
-      - "ghcr.io/aquasecurity/trivy:latest-arm64"
-      - "public.ecr.aws/aquasecurity/trivy:latest-arm64"
-      - "public.ecr.aws/aquasecurity/trivy:{{ .Version }}-arm64"
+      - "docker.io/{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-arm64"
+      - "docker.io/{{ .Env.DOCKER_USER }}/trivy:latest-arm64"
+      - "ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-arm64"
+      - "ghcr.io/{{ .Env.GH_USER }}/trivy:latest-arm64"
+      - "public.ecr.aws/{{ .Env.AWS_USER }}/trivy:latest-arm64"
+      - "public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-arm64"
     use: buildx
     goos: linux
     goarch: arm64
@@ -187,12 +187,12 @@ dockers:
     extra_files:
     - contrib/
   - image_templates:
-      - "docker.io/aquasec/trivy:{{ .Version }}-s390x"
-      - "docker.io/aquasec/trivy:latest-s390x"
-      - "ghcr.io/aquasecurity/trivy:{{ .Version }}-s390x"
-      - "ghcr.io/aquasecurity/trivy:latest-s390x"
-      - "public.ecr.aws/aquasecurity/trivy:latest-s390x"
-      - "public.ecr.aws/aquasecurity/trivy:{{ .Version }}-s390x"
+      - "docker.io/{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-s390x"
+      - "docker.io/{{ .Env.DOCKER_USER }}/trivy:latest-s390x"
+      - "ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-s390x"
+      - "ghcr.io/{{ .Env.GH_USER }}/trivy:latest-s390x"
+      - "public.ecr.aws/{{ .Env.AWS_USER }}/trivy:latest-s390x"
+      - "public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-s390x"
     use: buildx
     goos: linux
     goarch: s390x
@@ -212,12 +212,12 @@ dockers:
     extra_files:
     - contrib/
   - image_templates:
-      - "docker.io/aquasec/trivy:{{ .Version }}-ppc64le"
-      - "docker.io/aquasec/trivy:latest-ppc64le"
-      - "ghcr.io/aquasecurity/trivy:{{ .Version }}-ppc64le"
-      - "ghcr.io/aquasecurity/trivy:latest-ppc64le"
-      - "public.ecr.aws/aquasecurity/trivy:latest-ppc64le"
-      - "public.ecr.aws/aquasecurity/trivy:{{ .Version }}-ppc64le"
+      - "docker.io/{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-ppc64le"
+      - "docker.io/{{ .Env.DOCKER_USER }}/trivy:latest-ppc64le"
+      - "ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-ppc64le"
+      - "ghcr.io/{{ .Env.GH_USER }}/trivy:latest-ppc64le"
+      - "public.ecr.aws/{{ .Env.AWS_USER }}/trivy:latest-ppc64le"
+      - "public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-ppc64le"
     use: buildx
     goos: linux
     goarch: ppc64le
@@ -238,42 +238,42 @@ dockers:
     - contrib/
 
 docker_manifests:
-  - name_template: 'aquasec/trivy:{{ .Version }}'
+  - name_template: '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}'
     image_templates:
-    - 'aquasec/trivy:{{ .Version }}-amd64'
-    - 'aquasec/trivy:{{ .Version }}-arm64'
-    - 'aquasec/trivy:{{ .Version }}-s390x'
-    - 'aquasec/trivy:{{ .Version }}-ppc64le'
-  - name_template: 'ghcr.io/aquasecurity/trivy:{{ .Version }}'
+    - '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-amd64'
+    - '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-arm64'
+    - '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-s390x'
+    - '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-ppc64le'
+  - name_template: 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}'
     image_templates:
-    - 'ghcr.io/aquasecurity/trivy:{{ .Version }}-amd64'
-    - 'ghcr.io/aquasecurity/trivy:{{ .Version }}-arm64'
-    - 'ghcr.io/aquasecurity/trivy:{{ .Version }}-s390x'
-    - 'ghcr.io/aquasecurity/trivy:{{ .Version }}-ppc64le'
-  - name_template: 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}'
+    - 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-amd64'
+    - 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-arm64'
+    - 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-s390x'
+    - 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-ppc64le'
+  - name_template: 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}'
     image_templates:
-    - 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-amd64'
-    - 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-arm64'
-    - 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-s390x'
-    - 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-ppc64le'
-  - name_template: 'aquasec/trivy:latest'
+    - 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-amd64'
+    - 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-arm64'
+    - 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-s390x'
+    - 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-ppc64le'
+  - name_template: '{{ .Env.DOCKER_USER }}/trivy:latest'
     image_templates:
-    - 'aquasec/trivy:{{ .Version }}-amd64'
-    - 'aquasec/trivy:{{ .Version }}-arm64'
-    - 'aquasec/trivy:{{ .Version }}-s390x'
-    - 'aquasec/trivy:{{ .Version }}-ppc64le'
-  - name_template: 'ghcr.io/aquasecurity/trivy:latest'
+    - '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-amd64'
+    - '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-arm64'
+    - '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-s390x'
+    - '{{ .Env.DOCKER_USER }}/trivy:{{ .Version }}-ppc64le'
+  - name_template: 'ghcr.io/{{ .Env.GH_USER }}/trivy:latest'
     image_templates:
-    - 'ghcr.io/aquasecurity/trivy:{{ .Version }}-amd64'
-    - 'ghcr.io/aquasecurity/trivy:{{ .Version }}-arm64'
-    - 'ghcr.io/aquasecurity/trivy:{{ .Version }}-s390x'
-    - 'ghcr.io/aquasecurity/trivy:{{ .Version }}-ppc64le'
-  - name_template: 'public.ecr.aws/aquasecurity/trivy:latest'
+    - 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-amd64'
+    - 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-arm64'
+    - 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-s390x'
+    - 'ghcr.io/{{ .Env.GH_USER }}/trivy:{{ .Version }}-ppc64le'
+  - name_template: 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:latest'
     image_templates:
-    - 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-amd64'
-    - 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-arm64'
-    - 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-s390x'
-    - 'public.ecr.aws/aquasecurity/trivy:{{ .Version }}-ppc64le'
+    - 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-amd64'
+    - 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-arm64'
+    - 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-s390x'
+    - 'public.ecr.aws/{{ .Env.AWS_USER }}/trivy:{{ .Version }}-ppc64le'
 
 signs:
 - cmd: cosign