Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add scheduled image builds for improved security #22

Closed
poikilotherm opened this issue Apr 8, 2019 · 2 comments · Fixed by #105
Closed

Add scheduled image builds for improved security #22

poikilotherm opened this issue Apr 8, 2019 · 2 comments · Fixed by #105
Labels
enhancement New feature or request
Milestone
v4.16

Comments

@poikilotherm
Copy link
Member

Images should be updated regularly when the base image (currently CentOS) is updated.

Linked builds on Docker Hub only work for non-official images (they might have a lack of resources...), so we need to add this ourselfs.

First idea: use Travis CI, they offer scheduled builds OOB.
@poikilotherm poikilotherm added the enhancement New feature or request label Apr 8, 2019
@pdurbin
Copy link
Member

pdurbin commented Apr 9, 2019

You might want to investigate using https://jenkins.dataverse.org which is a new resource that will be documented in IQSS/dataverse#5725

If you'd like some jobs to be added, I would suggest opening issues at https://github.com/IQSS/dataverse-jenkins/issues

@poikilotherm
Copy link
Member Author

poikilotherm commented Apr 28, 2019
edited
Loading

This should include a regular security scan when building the images.

This can be done using Clair as standalone, Anchore or similar. See also blog post on different engines part 1 and part 2.

Anchore seems benefical as it also offers scanning for Java libs etc.

poikilotherm added a commit that referenced this issue Jun 28, 2019
@poikilotherm
First simple Jenkinsfile for building iqss/dataverse-k8s. See #22
56275c2
poikilotherm added a commit that referenced this issue Jun 28, 2019
@poikilotherm
First simple Jenkinsfile for building iqss/dataverse-k8s. See #22
2d8f362
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
First simple Jenkinsfile for building iqss/dataverse-k8s. See #22
6ff13af
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Switch Jenkinsfile for docker/dataverse-k8s from scripted to des…
6eb3880 
…criptive pipeline.
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Push image with latest tag. For testing, restriction to master a…
c09e79d 
…nd tags is left out.
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Push image with latest tag. For testing, restriction to master a…
5de26dc 
…nd tags is left out.
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Push image with latest tag. For testing, restriction to master a…
5c7c4d7 
…nd tags is left out.
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Push image with latest tag. For testing, restriction to master a…
f31323f 
…nd tags is left out.
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Push image with latest tag. For testing, restriction to master a…
e3ee849 
…nd tags is left out.
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Remove double checkout from pipeline.
726340d
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Enable push for tags and master only.
4ccd1b7
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Enable pull option for Docker build to ensure up-to-date base im…
9011498 
…ages.
poikilotherm added a commit that referenced this issue Aug 30, 2019
@poikilotherm
#22. Push real release tags (v4.*) and latest images.
0f920a4
poikilotherm added a commit that referenced this issue Sep 2, 2019
@poikilotherm
#22. Add repo-wide Jenkinsfile to trigger builds depending on context.
19a8cd4
@poikilotherm poikilotherm mentioned this issue Sep 19, 2019
Closed
2 tasks
@poikilotherm poikilotherm added this to the v4.16 milestone Sep 19, 2019
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
#22. Push image with latest tag. For testing, restriction to master a…
4abcc55 
…nd tags is left out.
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
#22. Remove double checkout from pipeline.
4f7bfcc
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
#22. Enable push for tags and master only.
a1100e1
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
#22. Enable pull option for Docker build to ensure up-to-date base im…
fb153d0 
…ages.
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
#22. Push real release tags (v4.*) and latest images.
7f99793
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
#22. Add repo-wide Jenkinsfile to trigger builds depending on context.
33357c4
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
Add scheduled trigger for building dataverse-k8s in Jenkins pipeline.…
cd864ad 
… See #22.
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
Add scheduled trigger for building dataverse-k8s in Jenkins pipeline.…
93919ce 
… See #22.
poikilotherm added a commit that referenced this issue Oct 16, 2019
@poikilotherm
Add scheduled trigger for building dataverse-k8s in Jenkins pipeline.…
a91f976 
… See #22.
@poikilotherm poikilotherm mentioned this issue Oct 16, 2019
Closed
@poikilotherm poikilotherm mentioned this issue Oct 16, 2019
Merged
@poikilotherm poikilotherm mentioned this issue Nov 5, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
v4.16
Development

Successfully merging a pull request may close this issue.

22 images jenkins gdcc/dataverse-kubernetes
2 participants
@pdurbin @poikilotherm