diff --git a/.github/workflows/ci-build-publish-image.yml b/.github/workflows/ci-build-publish-image.yml index 378213a8..1823cd16 100644 --- a/.github/workflows/ci-build-publish-image.yml +++ b/.github/workflows/ci-build-publish-image.yml @@ -14,6 +14,12 @@ on: required: false type: string + image-pack-tag: + description: "Docker image pack version tag. Pinned to 0.0.440 due to lifecycle 0.21.2 regression (see: paketo-buildpacks/builder-noble-java-tiny#191). Normally we would use 'latest', but this is temporarily pinned until the upstream issue is resolved." + default: "0.0.440" + required: false + type: string + image-signing: description: Flag to toggle image signing on/off - default off default: true @@ -155,6 +161,7 @@ jobs: with: image-name: ${{ inputs.image-name }} image-pack: ${{ inputs.image-pack }} + image-pack-tag: ${{ inputs.image-pack-tag }} image-signing: ${{ inputs.image-signing }} image-tag: ${{ inputs.image-tag }} java-version: ${{ inputs.java-version }} @@ -177,6 +184,7 @@ jobs: with: image-name: ${{ inputs.image-name }} image-pack: ${{ inputs.image-pack }} + image-pack-tag: ${{ inputs.image-pack-tag }} image-signing: ${{ inputs.image-signing }} java-version: ${{ inputs.java-version }} slack-channel-id: ${{ inputs.slack-channel-id }} diff --git a/.github/workflows/ci-pr-checks.yml b/.github/workflows/ci-pr-checks.yml index a023c7a4..df7f6b56 100644 --- a/.github/workflows/ci-pr-checks.yml +++ b/.github/workflows/ci-pr-checks.yml @@ -38,6 +38,11 @@ on: default: builder-jammy-tiny required: false type: string + image-pack-tag: + description: "Docker image pack version tag. Pinned to 0.0.440 due to lifecycle 0.21.2 regression (see: paketo-buildpacks/builder-noble-java-tiny#191). Normally we would use 'latest', but this is temporarily pinned until the upstream issue is resolved." + default: "0.0.440" + required: false + type: string auto-merge-types: type: string pull-request-title: @@ -156,6 +161,7 @@ jobs: with: image-name: ${{ inputs.image-name }} image-pack: ${{ inputs.image-pack }} + image-pack-tag: ${{ inputs.image-pack-tag }} java-version: ${{ inputs.java-version }} secrets: inherit @@ -168,6 +174,7 @@ jobs: with: image-name: ${{ inputs.image-name }} image-pack: ${{ inputs.image-pack }} + image-pack-tag: ${{ inputs.image-pack-tag }} java-version: ${{ inputs.java-version }} native: ${{ inputs.native }} secrets: inherit diff --git a/.github/workflows/ci-quarkus-build-publish-image.yml b/.github/workflows/ci-quarkus-build-publish-image.yml index 4ad7354c..c039a3f1 100644 --- a/.github/workflows/ci-quarkus-build-publish-image.yml +++ b/.github/workflows/ci-quarkus-build-publish-image.yml @@ -14,6 +14,12 @@ on: required: false type: string + image-pack-tag: + description: "Docker image pack version tag. Pinned to 0.0.440 due to lifecycle 0.21.2 regression (see: paketo-buildpacks/builder-noble-java-tiny#191). Normally we would use 'latest', but this is temporarily pinned until the upstream issue is resolved." + default: "0.0.440" + required: false + type: string + image-signing: description: Flag to toggle image signing on/off - default off default: true @@ -136,7 +142,7 @@ jobs: --path . \ --buildpack docker://paketobuildpacks/quarkus \ --buildpack docker://paketobuildpacks/java-native-image \ - --builder paketobuildpacks/${{ inputs.image-pack }}:0.0.440 \ + --builder paketobuildpacks/${{ inputs.image-pack }}:${{ inputs.image-pack-tag }} \ --volume "${HOME}/.m2:/home/cnb/.m2:rw" \ --env BP_JVM_VERSION="${{ inputs.java-version }}" \ --env BP_MAVEN_POM_FILE="./pom.xml" \ @@ -151,7 +157,7 @@ jobs: --path . \ --buildpack docker://paketobuildpacks/quarkus \ --buildpack docker://paketobuildpacks/java \ - --builder paketobuildpacks/${{ inputs.image-pack }}:0.0.440 \ + --builder paketobuildpacks/${{ inputs.image-pack }}:${{ inputs.image-pack-tag }} \ --volume "${HOME}/.m2:/home/cnb/.m2:rw" \ --env BP_JVM_VERSION="${{ inputs.java-version }}" \ --env BP_MAVEN_POM_FILE="./pom.xml" \ diff --git a/.github/workflows/ci-quarkus-container-scan.yml b/.github/workflows/ci-quarkus-container-scan.yml index a781ee5e..83d3dff2 100644 --- a/.github/workflows/ci-quarkus-container-scan.yml +++ b/.github/workflows/ci-quarkus-container-scan.yml @@ -14,6 +14,12 @@ on: required: false type: string + image-pack-tag: + description: "Docker image pack version tag. Pinned to 0.0.440 due to lifecycle 0.21.2 regression (see: paketo-buildpacks/builder-noble-java-tiny#191). Normally we would use 'latest', but this is temporarily pinned until the upstream issue is resolved." + default: "0.0.440" + required: false + type: string + registry-url: description: Image/Container Registery URL default: "my-local-registery" @@ -92,7 +98,7 @@ jobs: --path . \ --buildpack docker://paketobuildpacks/quarkus \ --buildpack docker://paketobuildpacks/java-native-image \ - --builder paketobuildpacks/${{ inputs.image-pack }}:0.0.440 \ + --builder paketobuildpacks/${{ inputs.image-pack }}:${{ inputs.image-pack-tag }} \ --volume "${HOME}/.m2:/home/cnb/.m2:rw" \ --env BP_JVM_VERSION="${{ inputs.java-version }}" \ --env BP_MAVEN_POM_FILE="./pom.xml" \ @@ -107,7 +113,7 @@ jobs: --path . \ --buildpack docker://paketobuildpacks/quarkus \ --buildpack docker://paketobuildpacks/java \ - --builder paketobuildpacks/${{ inputs.image-pack }}:0.0.440 \ + --builder paketobuildpacks/${{ inputs.image-pack }}:${{ inputs.image-pack-tag }} \ --volume "${HOME}/.m2:/home/cnb/.m2:rw" \ --env BP_JVM_VERSION="${{ inputs.java-version }}" \ --env BP_MAVEN_POM_FILE="./pom.xml" \ diff --git a/.github/workflows/ci-spring-boot-build-publish-image.yml b/.github/workflows/ci-spring-boot-build-publish-image.yml index 3d820aed..495c64c3 100644 --- a/.github/workflows/ci-spring-boot-build-publish-image.yml +++ b/.github/workflows/ci-spring-boot-build-publish-image.yml @@ -14,6 +14,12 @@ on: required: false type: string + image-pack-tag: + description: "Docker image pack version tag. Pinned to 0.0.440 due to lifecycle 0.21.2 regression (see: paketo-buildpacks/builder-noble-java-tiny#191). Normally we would use 'latest', but this is temporarily pinned until the upstream issue is resolved." + default: "0.0.440" + required: false + type: string + image-signing: description: Flag to toggle image signing on/off - default off default: true @@ -193,7 +199,7 @@ jobs: mvn install -B spring-boot:build-image \ -pl ${{ inputs.module-name }} -am \ -Dspring-boot.build-image.imageName=${{ steps.set-image-name.outputs.image-name }}:${{ steps.set-image-tag.outputs.image-tag }} \ - -Dspring-boot.build-image.builder=paketobuildpacks/${{ inputs.image-pack }} \ + -Dspring-boot.build-image.builder=paketobuildpacks/${{ inputs.image-pack }}:${{ inputs.image-pack-tag }} \ -Dspring-boot.build-image.createdDate=now - name: Build image with Maven/Spring Boot (application-path) @@ -202,7 +208,7 @@ jobs: mvn -B spring-boot:build-image \ --file ${{ inputs.application-path }}pom.xml \ -Dspring-boot.build-image.imageName=${{ steps.set-image-name.outputs.image-name }}:${{ steps.set-image-tag.outputs.image-tag }} \ - -Dspring-boot.build-image.builder=paketobuildpacks/${{ inputs.image-pack }}:0.0.440 \ + -Dspring-boot.build-image.builder=paketobuildpacks/${{ inputs.image-pack }}:${{ inputs.image-pack-tag }} \ -Dspring-boot.build-image.createdDate=now - name: Set trivyignore env if file exists diff --git a/.github/workflows/ci-spring-boot-container-scan.yml b/.github/workflows/ci-spring-boot-container-scan.yml index d2714466..d6ab9029 100644 --- a/.github/workflows/ci-spring-boot-container-scan.yml +++ b/.github/workflows/ci-spring-boot-container-scan.yml @@ -12,6 +12,11 @@ on: default: builder-jammy-tiny required: false type: string + image-pack-tag: + description: "Docker image pack version tag. Pinned to 0.0.440 due to lifecycle 0.21.2 regression (see: paketo-buildpacks/builder-noble-java-tiny#191). Normally we would use 'latest', but this is temporarily pinned until the upstream issue is resolved." + default: "0.0.440" + required: false + type: string registry-url: description: Image/Container Registery URL default: "my-local-registery" @@ -104,11 +109,11 @@ jobs: - name: Build image with Maven (module-name, skips tests) if: inputs.module-name != '' - run: mvn install -DskipTests -B spring-boot:build-image -pl ${{ inputs.module-name }} -am -Dspring-boot.build-image.imageName=${{ steps.set-image-name.outputs.image-name }}:${{ steps.set-image-tag.outputs.image-tag }} -Dspring-boot.build-image.builder=paketobuildpacks/${{ inputs.image-pack }} + run: mvn install -DskipTests -B spring-boot:build-image -pl ${{ inputs.module-name }} -am -Dspring-boot.build-image.imageName=${{ steps.set-image-name.outputs.image-name }}:${{ steps.set-image-tag.outputs.image-tag }} -Dspring-boot.build-image.builder=paketobuildpacks/${{ inputs.image-pack }}:${{ inputs.image-pack-tag }} - name: Build image with Maven (application-path, skips tests) if: inputs.module-name == '' - run: mvn -DskipTests -B spring-boot:build-image --file ${{ inputs.application-path }}pom.xml -Dspring-boot.build-image.imageName=${{ steps.set-image-name.outputs.image-name }}:${{ steps.set-image-tag.outputs.image-tag }} -Dspring-boot.build-image.builder=paketobuildpacks/${{ inputs.image-pack }}:0.0.440 + run: mvn -DskipTests -B spring-boot:build-image --file ${{ inputs.application-path }}pom.xml -Dspring-boot.build-image.imageName=${{ steps.set-image-name.outputs.image-name }}:${{ steps.set-image-tag.outputs.image-tag }} -Dspring-boot.build-image.builder=paketobuildpacks/${{ inputs.image-pack }}:${{ inputs.image-pack-tag }} - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # pin@v0.33.1