Skip to content

Cherry pick: Bump netty - CVE-2023-44487 #3

Cherry pick: Bump netty - CVE-2023-44487

Cherry pick: Bump netty - CVE-2023-44487 #3

Workflow file for this run

name: Build and Push
on:
push:
branches: [ main ]
tags:
- v*
pull_request:
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 17
uses: actions/[email protected]
with:
java-version: '17'
distribution: 'temurin'
- name: Install etcd
run: sudo ./.github/install-etcd.sh
- name: Build with Maven
run: mvn -B package --file pom.xml
build:
needs: test
runs-on: ubuntu-latest
env:
IMAGE_NAME: kserve/modelmesh
steps:
- uses: actions/checkout@v2
- name: Setup QEMU
uses: docker/setup-qemu-action@v2
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
if: github.event_name == 'push'
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
- name: Export version variables
run: |
GIT_COMMIT=$(git rev-parse HEAD)
BUILD_ID=$(date '+%Y%m%d')-$(git rev-parse HEAD | cut -c -5)
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Use Docker `latest` tag convention
[ "$VERSION" == "main" ] && VERSION=latest
echo "GIT_COMMIT=$GIT_COMMIT" >> $GITHUB_ENV
echo "BUILD_ID=$BUILD_ID" >> $GITHUB_ENV
echo "VERSION=$VERSION" >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v3
with:
# for linux/s390x, maven errors due to missing io.grpc:protoc-gen-grpc-java:exe:linux-s390_64:1.51.1
platforms: linux/amd64,linux/arm64/v8,linux/ppc64le
pull: true
cache-from: type=gha
cache-to: type=gha,mode=max
push: ${{ github.event_name == 'push' }}
tags: ${{ env.IMAGE_NAME }}:${{ env.VERSION }}
build-args: |
imageVersion=${{ env.VERSION }}
buildId=${{ env.BUILD_ID }}
commitSha=${{ env.GIT_COMMIT }}