dependencies, processor, CICD changes

iped-docker · May 29, 2023 · fed34d2 · fed34d2
1 parent 2226b50
commit fed34d2
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 26 deletions.
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
@@ -29,8 +29,6 @@ jobs:
         tags: |
           ipeddocker/iped:transcriptor
           ipeddocker/iped:transcriptor_${{ github.ref_name }}
-        cache-from: type=registry,ref=docker.io/ipeddocker/iped:transcriptor_cache
-        cache-to: type=registry,ref=docker.io/ipeddocker/iped:transcriptor_cache,mode=max
         provenance: false
         push: true 
         build-args: |
@@ -41,22 +39,30 @@ jobs:
     # transcriptor base image is different from other steps, so
     # we dont need its image on the server
     # this step is to avoid disk space problems on next steps
-    - name: Cleaning TRANSCRIPTION docker environment 
-      run: docker buildx prune -a -f
+    - name: Cleaning TRANSCRIPTION docker environment
+      run: |
+        docker rmi -f ipeddocker/iped:transcriptor ipeddocker/iped:transcriptor_${{ github.ref_name }}
+        docker buildx prune -a -f
+
+#
+# using classic build on dependencies, because is the only way to cache now.
+#
+    - name: Docker pull dependecies-RELEASE 
+      if: startsWith(github.ref, 'refs/tags/')
+      run: docker pull ipeddocker/iped:dependencies || echo could not pull
 
     - name: Docker build dependecies-RELEASE 
       if: startsWith(github.ref, 'refs/tags/')
-      uses: docker/build-push-action@v4      
-      with:
-        context: .
-        file: Dockerfile.dependencies
-        tags: | 
-          ipeddocker/iped:dependencies
-          ipeddocker/iped:dependencies_${{ github.ref_name }}
-        cache-from: type=registry,ref=docker.io/ipeddocker/iped:dependencies_cache
-        cache-to: type=registry,ref=docker.io/ipeddocker/iped:dependencies_cache,mode=max
-        push: true 
-
+      run: docker build --cache-from ipeddocker/iped:dependencies . -f Dockerfile-processor -t ipeddocker/iped:processor
+
+    - name: Docker push dependecies-RELEASE 
+      if: startsWith(github.ref, 'refs/tags/')
+      run: |
+        docker tag ipeddocker/iped:dependencies ipeddocker/iped:dependencies_${{ github.ref_name }}
+        docker push ipeddocker/iped:dependencies 
+        docker push ipeddocker/iped:dependencies_${{ github.ref_name }}
+
+
     - name: Docker build processor-RELEASE 
       if: startsWith(github.ref, 'refs/tags/')
       uses: docker/build-push-action@v4      
@@ -66,9 +72,12 @@ jobs:
         tags: | 
           ipeddocker/iped:processor
           ipeddocker/iped:processor_${{ github.ref_name }}
-        cache-from: type=registry,ref=docker.io/ipeddocker/iped:processor_cache
-        cache-to: type=registry,ref=docker.io/ipeddocker/iped:processor_cache,mode=max
         push: true 
+        build-args: |
+          "SNAPSHOT=true"
+        secrets: |
+          "ACTION_GH_TOKEN=${{ secrets.ACTION_GH_TOKEN }}"
+
 
     - name: Docker build iped-RELEASE 
       if: startsWith(github.ref, 'refs/tags/')
@@ -78,6 +87,4 @@ jobs:
         tags: | 
           ipeddocker/iped:latest
           ipeddocker/iped:${{ github.ref_name }}
-        cache-from: type=registry,ref=docker.io/ipeddocker/iped:latest_cache
-        cache-to: type=registry,ref=docker.io/ipeddocker/iped:latest_cache,mode=max
         push: true 
diff --git a/Dockerfile.dependencies b/Dockerfile.dependencies
@@ -51,7 +51,7 @@ RUN cd ${PKGTMPDIR} \
     && echo "#####################################" \
     && echo "deb http://security.ubuntu.com/ubuntu focal-security main" | tee /etc/apt/sources.list.d/focal-security.list \
     && apt-get update \
-    && apt-get install -y libssl-dev=1.1.1f-1ubuntu2.17 \
+    && apt-get install -y libssl-dev=1.1.1f-1ubuntu2.18 \
     && rm /etc/apt/sources.list.d/focal-security.list && apt-get update \
     && echo "#####################################" \
     && echo "install libbfio" \

diff --git a/Dockerfile.processor b/Dockerfile.processor
@@ -1,14 +1,33 @@
 FROM ipeddocker/iped:dependencies
 
-ARG IPED_RELEASE_VERSION=4.1.1 PKGTMPDIR=/tmp/pkgs
+ARG IPED_RELEASE_VERSION=4.1.2 PKGTMPDIR=/tmp/pkgs SNAPSHOT=false SNAPSHOT_WORKFLOW_ID=5073165507
 
 
-RUN echo "#####################################" \
-    && echo "Installing IPED" \
-    && echo "#####################################" \
+RUN --mount=type=secret,id=ACTION_GH_TOKEN export ACTION_GH_TOKEN=$(cat /run/secrets/ACTION_GH_TOKEN) \
     && mkdir -p /opt/IPED/ && cd /opt/IPED/ \
-    && wget --progress=bar:force https://github.com/sepinf-inc/IPED/releases/download/${IPED_RELEASE_VERSION}/IPED-${IPED_RELEASE_VERSION}_and_plugins.zip -O ${PKGTMPDIR}/iped.zip \
-    && unzip ${PKGTMPDIR}/iped.zip \
+    && apt-get update && apt-get install -y jq \
+    && if [ "${SNAPSHOT}" = "true" ]; \
+        then \
+            echo "#####################################" && \
+            echo "Installing IPED from SNAPSHOT   " && \
+            echo "#####################################" && \
+            echo -n "Getting snapshot with run ID ${SNAPSHOT_WORKFLOW_ID}..." && \
+            snapshotURL=$(curl -s -L -H "Accept: application/vnd.github+json" \
+                            -H "Authorization: Bearer ${ACTION_GH_TOKEN}" \
+                            -H "X-GitHub-Api-Version: 2022-11-28" \
+                            https://api.github.com/repos/sepinf-inc/IPED/actions/artifacts  | \
+                        jq --arg workflow_id $SNAPSHOT_WORKFLOW_ID -c '.artifacts[] | select(.workflow_run.id|tostring == $workflow_id) | .archive_download_url' | \
+                        tr -d '\"') && \
+            echo "Downloading ${snapshotURL}..." && \
+            curl -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${ACTION_GH_TOKEN}" -H "X-GitHub-Api-Version: 2022-11-28" --output ${PKGTMPDIR}/iped.zip ${snapshotURL} && \
+            unzip -p ${PKGTMPDIR}/iped.zip | tar -xvz --strip-components=1; \
+        else \
+            echo "#####################################" && \
+            echo "Installing IPED from RELEASE " && \
+            echo "#####################################" && \
+            curl -L https://github.com/sepinf-inc/IPED/releases/download/$IPED_RELEASE_VERSION/IPED-${IPED_RELEASE_VERSION}_and_plugins.zip --output ${PKGTMPDIR}/iped.zip && \
+            unzip ${PKGTMPDIR}/iped.zip ;\
+        fi \
     && echo "Creating IPED simbolic link..." \
     && ls | grep "iped-" | xargs -i sh -c 'ln -s "{}" iped' \
     && echo "#####################################" \