Compare revisions

Benguria Elguezabal, Gorka · Guilhem Bonnefille · to be continuous bot · to be continuous bot · Anoop Mazhavancheri · Pierre Smeyers
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+variables:
+  GIT_STRATEGY: clone
+
 include:
  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/extract@master
    inputs:
@@ -6,7 +9,7 @@ include:
    inputs:
      check-links-job-tags: ["docker"]
      tbc-check-job-tags: ["docker"]
-      tbc-check-image: registry.gitlab.com/gbenguria/tbc-check:main
+      tbc-check-image: cicd-docker-dev.artifact.tecnalia.com/tbc-check:master
      gitlab-ci-lint-job-tags: ["docker"]
  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kicker/validation@master
    inputs:
@@ -21,6 +24,7 @@ include:

 stages:
  - build
+  - test
  - publish

 variables:

--- a/.gitleaksignore
+++ b/.gitleaksignore
+a64568eb3639a163cb0f387257017209a85869d7:README.md:generic-api-key:181
\ No newline at end of file
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
+## [5.10.3](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/docker/compare/5.10.2...5.10.3) (2024-07-02)
+
+
+### Bug Fixes
+
+* **Trivy:** Trivy 0.53.0 added the clean subcommand for semantic cache management ([e3a9540](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/docker/commit/e3a954080b1150ae35c403cffdb71ae750c9a741))
+
 ## [5.10.2](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/docker/compare/5.10.1...5.10.2) (2024-05-13)



--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ Add the following to your `gitlab-ci.yml`:
 ```yaml
 include:
  # 1: include the component
-  - component: gitlab.com/to-be-continuous/docker/gitlab-ci-docker@5.10.2
+  - component: gitlab.com/to-be-continuous/docker/gitlab-ci-docker@5.10.3
    # 2: set/override component inputs
    inputs:
      build-tool: buildah # ⚠ this is only an example
@@ -28,7 +28,7 @@ Add the following to your `gitlab-ci.yml`:
 include:
  # 1: include the template
  - project: 'to-be-continuous/docker'
-    ref: '5.10.2'
+    ref: '5.10.3'
    file: '/templates/gitlab-ci-docker.yml'

 variables:

--- a/templates/gitlab-ci-docker-ecr.yml
+++ b/templates/gitlab-ci-docker-ecr.yml
@@ -45,7 +45,7 @@ variables:
 .docker-base:
  services:
    - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.2"]
+      command: ["--service", "docker", "5.10.3"]
    - name: "$TBC_AWS_PROVIDER_IMAGE"
      alias: "aws-auth-provider"
  id_tokens:

--- a/templates/gitlab-ci-docker-gcp.yml
+++ b/templates/gitlab-ci-docker-gcp.yml
@@ -44,7 +44,7 @@ variables:
 .docker-base:
  services:
    - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.2"]
+      command: ["--service", "docker", "5.10.3"]
    - name: "$TBC_GCP_PROVIDER_IMAGE"
      alias: "gcp-auth-provider"
  variables:

--- a/templates/gitlab-ci-docker-vault.yml
+++ b/templates/gitlab-ci-docker-vault.yml
@@ -22,7 +22,7 @@ variables:
 .docker-base:
  services:
    - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.2"]
+      command: ["--service", "docker", "5.10.3"]
    - name: "$TBC_VAULT_IMAGE"
      alias: "vault-secrets-provider"
  variables:

--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -650,7 +650,7 @@ stages:
      kaniko_registry_mirror_option="--registry-mirror $(echo ${DOCKER_REGISTRY_MIRROR} | sed "s|^https*://||")"
    fi
    log_info "Build & deploy image $docker_image"
-    log_info "Kaniko command: /kaniko/executor --context $(docker_context_path) --dockerfile $DOCKER_FILE --destination $docker_image ${kaniko_cache_args} $kaniko_registry_mirror_option $DOCKER_METADATA $DOCKER_BUILD_ARGS $*"
+    log_info "Kaniko command: /kaniko/executor ${TRACE+--verbosity debug} --context $(docker_context_path) --dockerfile $DOCKER_FILE --destination $docker_image ${kaniko_cache_args} $kaniko_registry_mirror_option $DOCKER_METADATA $DOCKER_BUILD_ARGS $*"
    # shellcheck disable=SC2086
    /kaniko/executor ${TRACE+--verbosity debug} --context "$(docker_context_path)" --dockerfile "$DOCKER_FILE" --destination "$docker_image" ${kaniko_cache_args} $kaniko_registry_mirror_option $DOCKER_METADATA $DOCKER_BUILD_ARGS "$@"
  }
@@ -697,7 +697,7 @@ stages:
 .docker-base:
  services:
    - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.2"]
+      command: ["--service", "docker", "5.10.3"]
  before_script:
    - !reference [.docker-scripts]

@@ -730,7 +730,7 @@ stages:
    _TRACE: "${TRACE}"
  services:
    - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.2"]
+      command: ["--service", "docker", "5.10.3"]
    - name: $DOCKER_DIND_IMAGE
      alias: docker
      command:
@@ -968,7 +968,7 @@ docker-trivy:
    TRIVY_CACHE_DIR: ".trivycache/"
  script: |
    # cache cleanup is needed when scanning images with the same tags, it does not remove the database
-    trivy image --clear-cache
+    trivy clean --scan-cache || trivy image --clear-cache
    export TRIVY_USERNAME=${DOCKER_REGISTRY_SNAPSHOT_USER:-${DOCKER_REGISTRY_USER:-$CI_REGISTRY_USER}}
    export TRIVY_PASSWORD=${DOCKER_REGISTRY_SNAPSHOT_PASSWORD:-${DOCKER_REGISTRY_PASSWORD:-$CI_REGISTRY_PASSWORD}}
    basename=$(echo "${DOCKER_SNAPSHOT_IMAGE}" | sed 's|[/:]|_|g')
No results found