diff --git a/.drone.yml b/.drone.yml index 6234fe94bec..e935835beda 100644 --- a/.drone.yml +++ b/.drone.yml @@ -588,6 +588,7 @@ steps: - yarn-install image: grafana/grafana-build:main name: rgm-package + pull: always volumes: - name: docker path: /var/run/docker.sock @@ -722,8 +723,9 @@ steps: image: grafana/docker-puppeteer:1.1.0 name: test-a11y-frontend - commands: + - docker run --privileged --rm tonistiigi/binfmt --install all - /src/grafana-build docker --package=$(cat packages.txt | grep tar.gz | grep -v - docker | grep -v sha256) --ubuntu-base=ubuntu:22.10 --alpine-base=alpine:3.17.1 + docker | grep -v sha256) --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.17.1 --tag-format='{{ .version_base }}-{{ .buildID }}-{{ .arch }}' --ubuntu-tag-format='{{ .version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt - find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i @@ -731,6 +733,7 @@ steps: - rgm-package image: grafana/grafana-build:main name: rgm-build-docker + pull: always volumes: - name: docker path: /var/run/docker.sock @@ -1723,6 +1726,7 @@ steps: - yarn-install image: grafana/grafana-build:main name: rgm-package + pull: always volumes: - name: docker path: /var/run/docker.sock @@ -1892,8 +1896,9 @@ steps: repo: - grafana/grafana - commands: + - docker run --privileged --rm tonistiigi/binfmt --install all - /src/grafana-build docker --package=$(cat packages.txt | grep tar.gz | grep -v - docker | grep -v sha256) --ubuntu-base=ubuntu:22.10 --alpine-base=alpine:3.17.1 + docker | grep -v sha256) --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.17.1 --tag-format='{{ .version_base }}-{{ .buildID }}-{{ .arch }}' --ubuntu-tag-format='{{ .version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt - find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i @@ -1901,6 +1906,7 @@ steps: - rgm-package image: grafana/grafana-build:main name: rgm-build-docker + pull: always volumes: - name: docker path: /var/run/docker.sock @@ -2944,6 +2950,7 @@ steps: failure: ignore image: grafana/grafana-build:main name: rgm-build + pull: always volumes: - name: docker path: /var/run/docker.sock @@ -3002,6 +3009,7 @@ steps: from_secret: packages_gpg_public_key image: grafana/grafana-build:main name: rgm-build + pull: always volumes: - name: docker path: /var/run/docker.sock @@ -3123,6 +3131,7 @@ steps: from_secret: packages_gpg_public_key image: grafana/grafana-build:main name: rgm-build + pull: always volumes: - name: docker path: /var/run/docker.sock @@ -3864,7 +3873,7 @@ steps: - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM google/cloud-sdk:431.0.0 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana-ci-deploy:1.3.3 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine:3.17.1 - - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM ubuntu:22.10 + - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM ubuntu:22.04 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM byrnedo/alpine-curl:0.1.8 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM plugins/slack - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM python:3.8 @@ -3897,7 +3906,7 @@ steps: - trivy --exit-code 1 --severity HIGH,CRITICAL google/cloud-sdk:431.0.0 - trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana-ci-deploy:1.3.3 - trivy --exit-code 1 --severity HIGH,CRITICAL alpine:3.17.1 - - trivy --exit-code 1 --severity HIGH,CRITICAL ubuntu:22.10 + - trivy --exit-code 1 --severity HIGH,CRITICAL ubuntu:22.04 - trivy --exit-code 1 --severity HIGH,CRITICAL byrnedo/alpine-curl:0.1.8 - trivy --exit-code 1 --severity HIGH,CRITICAL plugins/slack - trivy --exit-code 1 --severity HIGH,CRITICAL python:3.8 @@ -4164,6 +4173,6 @@ kind: secret name: gcr_credentials --- kind: signature -hmac: d3a519d45aa8abd7424ede359c024e5212341bcbc1a51e27cda1922a4e42877a +hmac: 949da38eb5870264a09e11ba9f82401c5ddf14666325502f915a8e9b5e2b857c ... diff --git a/scripts/drone/rgm.star b/scripts/drone/rgm.star index f91d85bdd03..0893abfc03e 100644 --- a/scripts/drone/rgm.star +++ b/scripts/drone/rgm.star @@ -101,6 +101,7 @@ def rgm_build(script = "drone_publish_main.sh", canFail = True): rgm_build_step = { "name": "rgm-build", "image": "grafana/grafana-build:main", + "pull": "always", "commands": [ "export GRAFANA_DIR=$$(pwd)", "cd /src && ./scripts/{}".format(script), diff --git a/scripts/drone/steps/rgm.star b/scripts/drone/steps/rgm.star index 62b3c26161b..b41e5fde8ea 100644 --- a/scripts/drone/steps/rgm.star +++ b/scripts/drone/steps/rgm.star @@ -8,6 +8,7 @@ def rgm_package_step(distros = "linux/amd64,linux/arm64", file = "packages.txt") return { "name": "rgm-package", "image": "grafana/grafana-build:main", + "pull": "always", "depends_on": ["yarn-install"], "commands": [ "/src/grafana-build package --distro={} ".format(distros) + @@ -25,6 +26,7 @@ def rgm_build_backend_step(distros = "linux/amd64,linux/arm64"): return { "name": "rgm-package", "image": "grafana/grafana-build:main", + "pull": "always", "commands": [ "/src/grafana-build build --distro={} --grafana-dir=$$PWD".format(distros), ], @@ -35,7 +37,9 @@ def rgm_build_docker_step(packages, ubuntu, alpine, depends_on = ["rgm-package"] return { "name": "rgm-build-docker", "image": "grafana/grafana-build:main", + "pull": "always", "commands": [ + "docker run --privileged --rm tonistiigi/binfmt --install all", "/src/grafana-build docker " + "--package=$(cat {} | grep tar.gz | grep -v docker | grep -v sha256) ".format(packages) + "--ubuntu-base={} ".format(ubuntu) + diff --git a/scripts/drone/utils/images.star b/scripts/drone/utils/images.star index 9c38d3c06e8..9ed20c73574 100644 --- a/scripts/drone/utils/images.star +++ b/scripts/drone/utils/images.star @@ -15,7 +15,7 @@ images = { "cloudsdk": "google/cloud-sdk:431.0.0", "publish": "grafana/grafana-ci-deploy:1.3.3", "alpine": "alpine:3.17.1", - "ubuntu": "ubuntu:22.10", + "ubuntu": "ubuntu:22.04", "curl": "byrnedo/alpine-curl:0.1.8", "plugins_slack": "plugins/slack", "python": "python:3.8",