From 93ca91ac3f4309403a09596e256b133e84808400 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Fri, 18 Feb 2022 14:50:40 +0200 Subject: [PATCH] Add multi-arch image scans Signed-off-by: Evan Lezar --- .common-ci.yml | 9 +++++++++ .nvidia-ci.yml | 50 +++++++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 54 insertions(+), 5 deletions(-) diff --git a/.common-ci.yml b/.common-ci.yml index 5b270268..de6e9863 100644 --- a/.common-ci.yml +++ b/.common-ci.yml @@ -97,6 +97,15 @@ stages: variables: ARCH: x86_64 +# Define the platform targets +.platform-amd64: + variables: + PLATFORM: linux/amd64 + +.platform-arm64: + variables: + PLATFORM: linux/arm64 + # Define test helpers .integration: stage: test diff --git a/.nvidia-ci.yml b/.nvidia-ci.yml index 478526e9..d7af6a19 100644 --- a/.nvidia-ci.yml +++ b/.nvidia-ci.yml @@ -112,7 +112,7 @@ image-packaging: before_script: - docker login -u "${CI_REGISTRY_USER}" -p "${CI_REGISTRY_PASSWORD}" "${CI_REGISTRY}" # TODO: We should specify the architecture here and scan all architectures - - docker pull "${IMAGE}" + - docker pull --platform="${PLATFORM}" "${IMAGE}" - docker save "${IMAGE}" -o "${IMAGE_ARCHIVE}" - AuthHeader=$(echo -n $SSA_CLIENT_ID:$SSA_CLIENT_SECRET | base64 -w0) - > @@ -131,34 +131,74 @@ image-packaging: - policy_evaluation.json # Define the scan targets -scan-centos7: +scan-centos7-amd64: extends: - .scan - .dist-centos7 + - .platform-amd64 needs: - image-centos7 -scan-centos8: +scan-centos7-arm64: + extends: + - .scan + - .dist-centos7 + - .platform-arm64 + needs: + - image-centos7 + - scan-centos7-amd64 + +scan-centos8-amd64: extends: - .scan - .dist-centos8 + - .platform-amd64 needs: - image-centos8 -scan-ubuntu18.04: +scan-centos8-arm64: + extends: + - .scan + - .dist-centos8 + - .platform-arm64 + needs: + - image-centos8 + - scan-centos8-amd64 + +scan-ubuntu18.04-amd64: extends: - .scan - .dist-ubuntu18.04 + - .platform-amd64 needs: - image-ubuntu18.04 -scan-ubi8: +scan-ubuntu18.04-arm64: + extends: + - .scan + - .dist-ubuntu18.04 + - .platform-arm64 + needs: + - image-ubuntu18.04 + - scan-ubuntu18.04-amd64 + +scan-ubi8-amd64: extends: - .scan - .dist-ubi8 + - .platform-amd64 needs: - image-ubi8 +scan-ubi8-arm64: + extends: + - .scan + - .dist-ubi8 + - .platform-arm64 + needs: + - image-ubi8 + - scan-ubi8-amd64 + # Define external release helpers .release:ngc: extends: