From e84d6b8992d90244b54b1d831fa2738ccb75148d Mon Sep 17 00:00:00 2001 From: nghazalibeiklar Date: Mon, 14 Mar 2022 16:01:39 +1100 Subject: [PATCH 1/8] DCD-1488: Update the Confluence docker repo to docker-public.packages.atlassian.com --- .snyk | 18 ++++++++++++ bitbucket-pipelines.yml | 58 +++++++++++++++++++------------------- bitbucket-pipelines.yml.j2 | 14 ++++----- 3 files changed, 54 insertions(+), 36 deletions(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..953c330 --- /dev/null +++ b/.snyk @@ -0,0 +1,18 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.14.1 +# ignores vulnerabilities until expiry date; change duration by modifying expiry date +ignore: + SNYK-UBUNTU2004-EXPAT-2403934: + - '*': + reason: Ignore until March 25, 2022 - waiting for `adoptopenjdk/openjdk11` image update + expires: 2022-03-25T00:00:00.000Z + SNYK-UBUNTU2004-CYRUSSASL2-2408941: + - '*': + reason: Ignore until March 25, 2022 - waiting for `adoptopenjdk/openjdk11` image update + expires: 2022-03-25T00:00:00.000Z + SNYK-UBUNTU2004-EXPAT-2403778: + - '*': + reason: Ignore until March 25, 2022 - waiting for `adoptopenjdk/openjdk11` image update + expires: 2022-03-25T00:00:00.000Z +patch: {} + diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml index 1800890..3611331 100644 --- a/bitbucket-pipelines.yml +++ b/bitbucket-pipelines.yml @@ -3,7 +3,7 @@ # # python3 pipelines-generator.py > bitbucket-pipelines.yml -image: atlassian/docker-release-maker:latest +image: docker-public.packages.atlassian.com/atlassian/docker-release-maker:latest definitions: services: docker: @@ -33,7 +33,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -58,7 +58,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -83,7 +83,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -108,7 +108,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -133,7 +133,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -158,7 +158,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -183,7 +183,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -208,7 +208,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -233,7 +233,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -258,7 +258,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -283,7 +283,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -308,7 +308,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -394,7 +394,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -420,7 +420,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -446,7 +446,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -472,7 +472,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -498,7 +498,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -524,7 +524,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -550,7 +550,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -576,7 +576,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -602,7 +602,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -628,7 +628,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -654,7 +654,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -680,7 +680,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -709,10 +709,10 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > - docker build -t atlassian/confluence:${DOCKER_TAG} + docker build -t docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} --build-arg CONFLUENCE_VERSION=${CONFLUENCE_VERSION} . - snyk auth $SNYK_TOKEN - - snyk container test atlassian/confluence:${DOCKER_TAG} --severity-threshold=high - - docker push atlassian/confluence:${DOCKER_TAG} + - snyk container test docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} --severity-threshold=high + - docker push docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} diff --git a/bitbucket-pipelines.yml.j2 b/bitbucket-pipelines.yml.j2 index 01bb5ec..5ad1d20 100644 --- a/bitbucket-pipelines.yml.j2 +++ b/bitbucket-pipelines.yml.j2 @@ -3,7 +3,7 @@ # # python3 pipelines-generator.py > bitbucket-pipelines.yml -image: atlassian/docker-release-maker:latest +image: docker-public.packages.atlassian.com/atlassian/docker-release-maker:latest definitions: services: docker: @@ -36,7 +36,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -130,7 +130,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -164,10 +164,10 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_PASSWORD} | docker login --username ${DOCKER_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin - > - docker build -t atlassian/confluence:${DOCKER_TAG} + docker build -t docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} --build-arg CONFLUENCE_VERSION=${CONFLUENCE_VERSION} . - snyk auth $SNYK_TOKEN - - snyk container test atlassian/confluence:${DOCKER_TAG} --severity-threshold=high - - docker push atlassian/confluence:${DOCKER_TAG} + - snyk container test docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} --severity-threshold=high + - docker push docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} From 0e896de38b9e4fb7cdf64136d751f6a4a60a1adf Mon Sep 17 00:00:00 2001 From: nghazalibeiklar Date: Tue, 15 Mar 2022 11:55:48 +1100 Subject: [PATCH 2/8] Updated the repo names in pipeline generator --- bitbucket-pipelines.yml | 48 ++++++++++++++++++++--------------------- pipelines-generator.py | 3 ++- 2 files changed, 26 insertions(+), 25 deletions(-) diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml index 3611331..d95f1ca 100644 --- a/bitbucket-pipelines.yml +++ b/bitbucket-pipelines.yml @@ -48,7 +48,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='0' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -73,7 +73,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='1' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -98,7 +98,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='2' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -123,7 +123,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='3' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -148,7 +148,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='4' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -173,7 +173,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='5' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -198,7 +198,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='6' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -223,7 +223,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='7' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -248,7 +248,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='8' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -273,7 +273,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='9' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -298,7 +298,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='10' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -323,7 +323,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='11' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -410,7 +410,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='0' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -436,7 +436,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='1' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -462,7 +462,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='2' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -488,7 +488,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='3' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -514,7 +514,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='4' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -540,7 +540,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='5' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -566,7 +566,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='6' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -592,7 +592,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='7' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -618,7 +618,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='8' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -644,7 +644,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='9' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -670,7 +670,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='10' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push @@ -696,7 +696,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='11' \ --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ + --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ --push diff --git a/pipelines-generator.py b/pipelines-generator.py index f6bf6e4..319bce5 100755 --- a/pipelines-generator.py +++ b/pipelines-generator.py @@ -4,7 +4,8 @@ import os import jinja2 as j2 TEMPLATE_FILE = 'bitbucket-pipelines.yml.j2' -REPOS = ['atlassian/confluence', 'atlassian/confluence-server'] +REPOS = ['docker-public.packages.atlassian.com/atlassian/confluence', + 'docker-public.packages.atlassian.com/atlassian/confluence-server'] images = { 'Confluence': { From 43e3ca3557b72cbf70b53993328a6cce86164cf6 Mon Sep 17 00:00:00 2001 From: nghazalibeiklar Date: Tue, 15 Mar 2022 13:49:50 +1100 Subject: [PATCH 3/8] Reverted the update the repo names in pipeline generator --- bitbucket-pipelines.yml | 48 ++++++++++++++++++++--------------------- pipelines-generator.py | 3 +-- 2 files changed, 25 insertions(+), 26 deletions(-) diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml index d95f1ca..3611331 100644 --- a/bitbucket-pipelines.yml +++ b/bitbucket-pipelines.yml @@ -48,7 +48,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='0' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -73,7 +73,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='1' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -98,7 +98,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='2' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -123,7 +123,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='3' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -148,7 +148,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='4' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -173,7 +173,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='5' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -198,7 +198,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='6' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -223,7 +223,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='7' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -248,7 +248,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='8' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -273,7 +273,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='9' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -298,7 +298,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='10' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -323,7 +323,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='11' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -410,7 +410,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='0' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -436,7 +436,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='1' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -462,7 +462,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='2' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -488,7 +488,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='3' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -514,7 +514,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='4' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -540,7 +540,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='5' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -566,7 +566,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='6' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -592,7 +592,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='7' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -618,7 +618,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='8' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -644,7 +644,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='9' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -670,7 +670,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='10' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -696,7 +696,7 @@ pipelines: --concurrent-builds='1' \ --job-offset='11' \ --jobs-total='12' \ - --docker-repos='docker-public.packages.atlassian.com/atlassian/confluence,docker-public.packages.atlassian.com/atlassian/confluence-server' \ + --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push diff --git a/pipelines-generator.py b/pipelines-generator.py index 319bce5..f6bf6e4 100755 --- a/pipelines-generator.py +++ b/pipelines-generator.py @@ -4,8 +4,7 @@ import os import jinja2 as j2 TEMPLATE_FILE = 'bitbucket-pipelines.yml.j2' -REPOS = ['docker-public.packages.atlassian.com/atlassian/confluence', - 'docker-public.packages.atlassian.com/atlassian/confluence-server'] +REPOS = ['atlassian/confluence', 'atlassian/confluence-server'] images = { 'Confluence': { From 0f23ec0b3152299d840c57468a7a8794b607450b Mon Sep 17 00:00:00 2001 From: nghazalibeiklar Date: Wed, 16 Mar 2022 13:55:28 +1100 Subject: [PATCH 4/8] Using the environment variable DOCKER_REGISTRY in pipeline --- bitbucket-pipelines.yml | 56 +++++++++++++++++++------------------- bitbucket-pipelines.yml.j2 | 12 ++++---- 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml index 3611331..38dedf8 100644 --- a/bitbucket-pipelines.yml +++ b/bitbucket-pipelines.yml @@ -33,7 +33,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -58,7 +58,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -83,7 +83,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -108,7 +108,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -133,7 +133,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -158,7 +158,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -183,7 +183,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -208,7 +208,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -233,7 +233,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -258,7 +258,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -283,7 +283,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -308,7 +308,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -394,7 +394,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -420,7 +420,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -446,7 +446,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -472,7 +472,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -498,7 +498,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -524,7 +524,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -550,7 +550,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -576,7 +576,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -602,7 +602,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -628,7 +628,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -654,7 +654,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -680,7 +680,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -709,10 +709,10 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > - docker build -t docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} + docker build -t ${DOCKER_REGISTRY}/atlassian/confluence:${DOCKER_TAG} --build-arg CONFLUENCE_VERSION=${CONFLUENCE_VERSION} . - snyk auth $SNYK_TOKEN - - snyk container test docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} --severity-threshold=high - - docker push docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} + - snyk container test ${DOCKER_REGISTRY}/atlassian/confluence:${DOCKER_TAG} --severity-threshold=high + - docker push ${DOCKER_REGISTRY}/atlassian/confluence:${DOCKER_TAG} diff --git a/bitbucket-pipelines.yml.j2 b/bitbucket-pipelines.yml.j2 index 5ad1d20..ffd16d3 100644 --- a/bitbucket-pipelines.yml.j2 +++ b/bitbucket-pipelines.yml.j2 @@ -36,7 +36,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --update \ @@ -130,7 +130,7 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > python /usr/src/app/make-releases.py \ --create \ @@ -164,10 +164,10 @@ pipelines: - docker script: - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login docker-public.packages.atlassian.com --username ${DOCKER_BOT_USERNAME} --password-stdin + - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - > - docker build -t docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} + docker build -t ${DOCKER_REGISTRY}/atlassian/confluence:${DOCKER_TAG} --build-arg CONFLUENCE_VERSION=${CONFLUENCE_VERSION} . - snyk auth $SNYK_TOKEN - - snyk container test docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} --severity-threshold=high - - docker push docker-public.packages.atlassian.com/atlassian/confluence:${DOCKER_TAG} + - snyk container test ${DOCKER_REGISTRY}/atlassian/confluence:${DOCKER_TAG} --severity-threshold=high + - docker push ${DOCKER_REGISTRY}/atlassian/confluence:${DOCKER_TAG} From 047afb86b285aef6eb38fcca5279e79fc471fee0 Mon Sep 17 00:00:00 2001 From: nghazalibeiklar Date: Wed, 16 Mar 2022 13:56:52 +1100 Subject: [PATCH 5/8] DCD-1492: Removed the push Readme to Docker Hub as this is not required anymore. --- bitbucket-pipelines.yml | 12 ------------ bitbucket-pipelines.yml.j2 | 12 ------------ 2 files changed, 24 deletions(-) diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml index 38dedf8..e04e067 100644 --- a/bitbucket-pipelines.yml +++ b/bitbucket-pipelines.yml @@ -327,18 +327,6 @@ pipelines: --push - - step: - name: Update README - image: python:3.7-alpine3.9 - script: - - apk add --no-cache git - - git submodule update --init --recursive - - pip install -q requests - - export DOCKER_REPO='atlassian/confluence-server' - - python shared-components/image/push-readme.py - - export DOCKER_REPO='atlassian/confluence' - - python shared-components/image/push-readme.py - ###################################################################### # All other branches & PRs; run unit tests & functional tests diff --git a/bitbucket-pipelines.yml.j2 b/bitbucket-pipelines.yml.j2 index ffd16d3..09b1ca1 100644 --- a/bitbucket-pipelines.yml.j2 +++ b/bitbucket-pipelines.yml.j2 @@ -60,18 +60,6 @@ pipelines: {% endfor %} {% endfor %} - - step: - name: Update README - image: python:3.7-alpine3.9 - script: - - apk add --no-cache git - - git submodule update --init --recursive - - pip install -q requests - - export DOCKER_REPO='atlassian/confluence-server' - - python shared-components/image/push-readme.py - - export DOCKER_REPO='atlassian/confluence' - - python shared-components/image/push-readme.py - ###################################################################### # All other branches & PRs; run unit tests & functional tests From 96f863bd9542c879273b91af947c395f63db0a1f Mon Sep 17 00:00:00 2001 From: nghazalibeiklar Date: Wed, 16 Mar 2022 14:41:23 +1100 Subject: [PATCH 6/8] Reduced the number of pipeline batches to 8 --- bitbucket-pipelines.yml | 236 +++------------------------------------- pipelines-generator.py | 2 +- 2 files changed, 17 insertions(+), 221 deletions(-) diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml index e04e067..352f5bd 100644 --- a/bitbucket-pipelines.yml +++ b/bitbucket-pipelines.yml @@ -47,7 +47,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='0' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -72,7 +72,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='1' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -97,7 +97,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='2' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -122,7 +122,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='3' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -147,7 +147,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='4' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -172,7 +172,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='5' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -197,7 +197,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='6' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -222,107 +222,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='7' \ - --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ - --push - - - - step: - name: JDK 11 - Batch 9 - services: - - docker - script: - - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - - > - python /usr/src/app/make-releases.py \ - --update \ - --start-version='7.4' \ - --end-version='8' \ - --default-release \ - --dockerfile='Dockerfile' \ - --dockerfile-buildargs='BASE_IMAGE=adoptopenjdk/openjdk11' \ - --dockerfile-version-arg='CONFLUENCE_VERSION' \ - --mac-product-key='confluence' \ - --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ - --concurrent-builds='1' \ - --job-offset='8' \ - --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ - --push - - - - step: - name: JDK 11 - Batch 10 - services: - - docker - script: - - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - - > - python /usr/src/app/make-releases.py \ - --update \ - --start-version='7.4' \ - --end-version='8' \ - --default-release \ - --dockerfile='Dockerfile' \ - --dockerfile-buildargs='BASE_IMAGE=adoptopenjdk/openjdk11' \ - --dockerfile-version-arg='CONFLUENCE_VERSION' \ - --mac-product-key='confluence' \ - --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ - --concurrent-builds='1' \ - --job-offset='9' \ - --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ - --push - - - - step: - name: JDK 11 - Batch 11 - services: - - docker - script: - - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - - > - python /usr/src/app/make-releases.py \ - --update \ - --start-version='7.4' \ - --end-version='8' \ - --default-release \ - --dockerfile='Dockerfile' \ - --dockerfile-buildargs='BASE_IMAGE=adoptopenjdk/openjdk11' \ - --dockerfile-version-arg='CONFLUENCE_VERSION' \ - --mac-product-key='confluence' \ - --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ - --concurrent-builds='1' \ - --job-offset='10' \ - --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ - --push - - - - step: - name: JDK 11 - Batch 12 - services: - - docker - script: - - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - - > - python /usr/src/app/make-releases.py \ - --update \ - --start-version='7.4' \ - --end-version='8' \ - --default-release \ - --dockerfile='Dockerfile' \ - --dockerfile-buildargs='BASE_IMAGE=adoptopenjdk/openjdk11' \ - --dockerfile-version-arg='CONFLUENCE_VERSION' \ - --mac-product-key='confluence' \ - --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ - --concurrent-builds='1' \ - --job-offset='11' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -397,7 +297,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='0' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -423,7 +323,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='1' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -449,7 +349,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='2' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -475,7 +375,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='3' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -501,7 +401,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='4' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -527,7 +427,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='5' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -553,7 +453,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='6' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push @@ -579,111 +479,7 @@ pipelines: --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ --concurrent-builds='1' \ --job-offset='7' \ - --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ - --push - - - - step: - name: JDK 11 - Batch 9 - services: - - docker - script: - - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - - > - python /usr/src/app/make-releases.py \ - --create \ - --create-eap \ - --start-version='7.4' \ - --end-version='8' \ - --default-release \ - --dockerfile='Dockerfile' \ - --dockerfile-buildargs='BASE_IMAGE=adoptopenjdk/openjdk11' \ - --dockerfile-version-arg='CONFLUENCE_VERSION' \ - --mac-product-key='confluence' \ - --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ - --concurrent-builds='1' \ - --job-offset='8' \ - --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ - --push - - - - step: - name: JDK 11 - Batch 10 - services: - - docker - script: - - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - - > - python /usr/src/app/make-releases.py \ - --create \ - --create-eap \ - --start-version='7.4' \ - --end-version='8' \ - --default-release \ - --dockerfile='Dockerfile' \ - --dockerfile-buildargs='BASE_IMAGE=adoptopenjdk/openjdk11' \ - --dockerfile-version-arg='CONFLUENCE_VERSION' \ - --mac-product-key='confluence' \ - --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ - --concurrent-builds='1' \ - --job-offset='9' \ - --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ - --push - - - - step: - name: JDK 11 - Batch 11 - services: - - docker - script: - - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - - > - python /usr/src/app/make-releases.py \ - --create \ - --create-eap \ - --start-version='7.4' \ - --end-version='8' \ - --default-release \ - --dockerfile='Dockerfile' \ - --dockerfile-buildargs='BASE_IMAGE=adoptopenjdk/openjdk11' \ - --dockerfile-version-arg='CONFLUENCE_VERSION' \ - --mac-product-key='confluence' \ - --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ - --concurrent-builds='1' \ - --job-offset='10' \ - --jobs-total='12' \ - --docker-repos='atlassian/confluence,atlassian/confluence-server' \ - --push - - - - step: - name: JDK 11 - Batch 12 - services: - - docker - script: - - git submodule update --init --recursive - - echo ${DOCKER_BOT_PASSWORD} | docker login ${DOCKER_REGISTRY} --username ${DOCKER_BOT_USERNAME} --password-stdin - - > - python /usr/src/app/make-releases.py \ - --create \ - --create-eap \ - --start-version='7.4' \ - --end-version='8' \ - --default-release \ - --dockerfile='Dockerfile' \ - --dockerfile-buildargs='BASE_IMAGE=adoptopenjdk/openjdk11' \ - --dockerfile-version-arg='CONFLUENCE_VERSION' \ - --mac-product-key='confluence' \ - --tag-suffixes='adoptopenjdk11,jdk11,ubuntu,ubuntu-18.04-adoptopenjdk11' \ - --concurrent-builds='1' \ - --job-offset='11' \ - --jobs-total='12' \ + --jobs-total='8' \ --docker-repos='atlassian/confluence,atlassian/confluence-server' \ --push diff --git a/pipelines-generator.py b/pipelines-generator.py index f6bf6e4..613ac77 100755 --- a/pipelines-generator.py +++ b/pipelines-generator.py @@ -27,7 +27,7 @@ def main(): lstrip_blocks=True, trim_blocks=True) template = jenv.get_template(TEMPLATE_FILE) - generated_output = template.render(images=images, batches=12) + generated_output = template.render(images=images, batches=8) print(generated_output) From 74e04e7b40992e9f5b1afb43ee2e6dba2be0b388 Mon Sep 17 00:00:00 2001 From: nghazalibeiklar Date: Wed, 16 Mar 2022 16:12:27 +1100 Subject: [PATCH 7/8] Updated the .snyk version --- .snyk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.snyk b/.snyk index 953c330..d27ccd9 100644 --- a/.snyk +++ b/.snyk @@ -1,5 +1,5 @@ # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.14.1 +version: v1.19.0 # ignores vulnerabilities until expiry date; change duration by modifying expiry date ignore: SNYK-UBUNTU2004-EXPAT-2403934: From a35e8a57859b7ba81eaeba60dabd4b04ffde1c39 Mon Sep 17 00:00:00 2001 From: nghazalibeiklar Date: Thu, 17 Mar 2022 10:44:34 +1100 Subject: [PATCH 8/8] Masked openssl vulnerability up to March 25th waiting for update for the base image --- .snyk | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.snyk b/.snyk index d27ccd9..9aa7e19 100644 --- a/.snyk +++ b/.snyk @@ -14,5 +14,9 @@ ignore: - '*': reason: Ignore until March 25, 2022 - waiting for `adoptopenjdk/openjdk11` image update expires: 2022-03-25T00:00:00.000Z + SNYK-UBUNTU2004-OPENSSL-2426343: + - '*': + reason: Ignore until March 25, 2022 - waiting for `adoptopenjdk/openjdk11` image update + expires: 2022-03-25T00:00:00.000Z patch: {}