-
Notifications
You must be signed in to change notification settings - Fork 425
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update fleetdm/fleetctl
, fleetdm/wix
and fleetdm/bomutils
docker images
#21063
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this, great idea!
f16003f
to
41586c0
Compare
fleetdm/fleetctl
, fleetdm/wix
and fleetdm/bomutils
docker images
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the thorough PR description and adding the additional workflows. The fleetctl-docker-deps-*
tag is now protected.
#20571
Summary of changes
We have a few moving parts in fleetctl land (
fleetdm/wix
is used to buildmsi
s andfleetdm/bomutils
is used to buildpkg
s, andfleetdm/fleetctl
can be used to build packages using docker, no need for fleetctl executable):So, we'll need to update the three images:
fleetdm/bomutils
,fleetdm/wix
&fleetdm/fleetctl
.tools/bomutils-docker/Dockerfile
,tools/wix-docker/Dockerfile
andtools/fleetctl-docker/Dockerfile
: Updating the base image to fix the CRITICAL vulnerabilities..github/workflows/build-and-check-fleetctl-docker-and-deps.yml
to run every day to check for CRITICAL vulnerabilities infleetdm/wix
,fleetdm/bomutils
andfleetdm/fleetctl
..github/workflows/goreleaser-fleetctl-docker-deps.yaml
:fleetdm/bomutils
andfleetdm/wix
were pushed manually a few years ago (most likely by Zach), so I've added a new action to release them when we have changes to release (like now). It will basically releasefleetctl/bomutils
andfleetdm/wix
when pushing a tag of the formfleetctl-docker-deps-*
(we'll need to protect such tag prefix)..github/workflows/test-native-tooling-packaging.yml
to buildfleetdm/bomutils
andfleetdm/wix
forfleetdm/fleetctl
to use them instead of the ones in docker hub.--
Build before upgrading
debian:stable-slim
:https://github.com/fleetdm/fleet/actions/runs/10255391418/job/28372231837
Build after upgrading
debian:stable-slim
: https://github.com/fleetdm/fleet/actions/runs/10255550034changes/
,orbit/changes/
oree/fleetd-chrome/changes
.See Changes files for more information.