Skip to content

Commit

Permalink
Fix broken scan-docker-images CI job (#2099)
Browse files Browse the repository at this point in the history 
* Use cimg/base:current-22.04, use /usr/bin/bash, and move shell options to their own step.

* Fix code typo

* remove curl package command

* fix trivy

* remove commands

* add sudo for trivycli copy

---------

Co-authored-by: pgvishnuram <vishnu@astronomer.io>
  • Loading branch information
@danielhoherd @pgvishnuram
danielhoherd and pgvishnuram committed Feb 1, 2024
1 parent b64c28a commit 15da5cc
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 16 deletions.
16 changes: 8 additions & 8 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,8 @@ parameters:
jobs:
trivy-scan-docker:
docker:
- image: cimg/base:stable
shell: /bin/sh -leo pipefail
- image: cimg/base:current-22.04
shell: /usr/bin/bash
parameters:
docker_image:
type: string
Expand All @@ -48,15 +48,15 @@ jobs:
steps:
- setup_remote_docker:
docker_layer_caching: true
- run: set -euo pipefail
- checkout
- run:
name: Pull Docker image
command: docker pull << parameters.docker_image >>
- run:
name: Install trivy
command: |
apk add --update-cache --upgrade curl rpm bash
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b /usr/local/bin
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sudo sh -s -- -b /usr/local/bin
date +%F > date
- restore_cache:
keys:
Expand Down Expand Up @@ -86,21 +86,21 @@ jobs:

twistcli-scan-docker:
docker:
- image: cimg/base:stable
shell: /bin/sh -leo pipefail
- image: cimg/base:current-22.04
shell: /usr/bin/bash
parameters:
docker_image:
type: string
steps:
- setup_remote_docker:
docker_layer_caching: true
- run: set -euo pipefail
- run:
name: Pull Docker image
command: docker pull << parameters.docker_image >>
- run:
name: Install twistcli
command: |
apk add --update-cache --upgrade curl
curl -k -u $USER:$PASSWORD --output twistcli $CONSOLE_URL"/api/v1/util/twistcli"
chmod +x twistcli
- run:
Expand Down Expand Up @@ -332,7 +332,7 @@ jobs:

check-commander-airflow-version:
docker:
- image: cimg/base:stable
- image: cimg/base:current-22.04
steps:
- checkout
- setup_remote_docker:
Expand Down
16 changes: 8 additions & 8 deletions .circleci/config.yml.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,8 @@ parameters:
jobs:
trivy-scan-docker:
docker:
- image: cimg/base:stable
shell: /bin/sh -leo pipefail
- image: cimg/base:current-22.04
shell: /usr/bin/bash
parameters:
docker_image:
type: string
Expand All @@ -46,15 +46,15 @@ jobs:
steps:
- setup_remote_docker:
docker_layer_caching: true
- run: set -euo pipefail
- checkout
- run:
name: Pull Docker image
command: docker pull << parameters.docker_image >>
- run:
name: Install trivy
command: |
apk add --update-cache --upgrade curl rpm bash
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b /usr/local/bin
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sudo sh -s -- -b /usr/local/bin
date +%F > date
- restore_cache:
keys:
Expand Down Expand Up @@ -84,21 +84,21 @@ jobs:

twistcli-scan-docker:
docker:
- image: cimg/base:stable
shell: /bin/sh -leo pipefail
- image: cimg/base:current-22.04
shell: /usr/bin/bash
parameters:
docker_image:
type: string
steps:
- setup_remote_docker:
docker_layer_caching: true
- run: set -euo pipefail
- run:
name: Pull Docker image
command: docker pull << parameters.docker_image >>
- run:
name: Install twistcli
command: |
apk add --update-cache --upgrade curl
curl -k -u $USER:$PASSWORD --output twistcli $CONSOLE_URL"/api/v1/util/twistcli"
chmod +x twistcli
- run:
Expand Down Expand Up @@ -267,7 +267,7 @@ jobs:

check-commander-airflow-version:
docker:
- image: cimg/base:stable
- image: cimg/base:current-22.04
steps:
- checkout
- setup_remote_docker:
Expand Down

0 comments on commit 15da5cc

Please sign in to comment.