mirror of
https://github.com/zabbix/zabbix-docker.git
synced 2025-01-20 12:28:37 +01:00
Merge changes with 7.2
This commit is contained in:
parent
1f24659a8b
commit
1edd6173ea
78
.github/workflows/scorecard.yml
vendored
78
.github/workflows/scorecard.yml
vendored
@ -1,78 +0,0 @@
|
||||
# This workflow uses actions that are not certified by GitHub. They are provided
|
||||
# by a third-party and are governed by separate terms of service, privacy
|
||||
# policy, and support documentation.
|
||||
|
||||
name: Scorecard supply-chain security
|
||||
on:
|
||||
# For Branch-Protection check. Only the default branch is supported. See
|
||||
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
|
||||
branch_protection_rule:
|
||||
# To guarantee Maintained check is occasionally updated. See
|
||||
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
|
||||
schedule:
|
||||
- cron: '39 3 * * 2'
|
||||
push:
|
||||
branches:
|
||||
- '7.0'
|
||||
|
||||
# Declare default permissions as read only.
|
||||
permissions: read-all
|
||||
|
||||
jobs:
|
||||
analysis:
|
||||
name: Scorecard analysis
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
# Needed to upload the results to code-scanning dashboard.
|
||||
security-events: write
|
||||
# Needed to publish results and get a badge (see publish_results below).
|
||||
id-token: write
|
||||
# Uncomment the permissions below if installing in a private repository.
|
||||
# contents: read
|
||||
# actions: read
|
||||
|
||||
steps:
|
||||
- name: Harden Runner
|
||||
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
- name: "Checkout code"
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: "Run analysis"
|
||||
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
|
||||
with:
|
||||
results_file: results.sarif
|
||||
results_format: sarif
|
||||
# (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
|
||||
# - you want to enable the Branch-Protection check on a *public* repository, or
|
||||
# - you are installing Scorecard on a *private* repository
|
||||
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
|
||||
# repo_token: ${{ secrets.SCORECARD_TOKEN }}
|
||||
|
||||
# Public repositories:
|
||||
# - Publish results to OpenSSF REST API for easy access by consumers
|
||||
# - Allows the repository to include the Scorecard badge.
|
||||
# - See https://github.com/ossf/scorecard-action#publishing-results.
|
||||
# For private repositories:
|
||||
# - `publish_results` will always be set to `false`, regardless
|
||||
# of the value entered here.
|
||||
publish_results: true
|
||||
|
||||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||
# format to the repository Actions tab.
|
||||
- name: "Upload artifact"
|
||||
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
retention-days: 5
|
||||
|
||||
# Upload the results to GitHub's code scanning dashboard.
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@29d86d22a34ea372b1bbf3b2dced2e25ca6b3384 # v3.26.1
|
||||
with:
|
||||
sarif_file: results.sarif
|
@ -79,7 +79,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
|
||||
--shell /sbin/nologin \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR} \
|
||||
zabbix && \
|
||||
mkdir -p ZABBIX_CONF_DIR/ && \
|
||||
mkdir -p ${ZABBIX_CONF_DIR}/ && \
|
||||
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agentd.d && \
|
||||
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
|
||||
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
|
||||
|
@ -30,7 +30,7 @@ STOPSIGNAL SIGTERM
|
||||
|
||||
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/sbin/zabbix_agentd", "/usr/sbin/zabbix_agentd"]
|
||||
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
|
||||
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "/etc/zabbix/"]
|
||||
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "${ZABBIX_CONF_DIR}/"]
|
||||
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
|
||||
|
||||
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
|
||||
@ -66,7 +66,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
|
||||
--shell /sbin/nologin \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR} \
|
||||
zabbix && \
|
||||
mkdir -p ZABBIX_CONF_DIR/ && \
|
||||
mkdir -p ${ZABBIX_CONF_DIR}/ && \
|
||||
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agentd.d && \
|
||||
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
|
||||
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
|
||||
|
@ -104,7 +104,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
|
||||
--shell /sbin/nologin \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR} \
|
||||
zabbix && \
|
||||
mkdir -p ZABBIX_CONF_DIR/ && \
|
||||
mkdir -p ${ZABBIX_CONF_DIR}/ && \
|
||||
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agentd.d && \
|
||||
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
|
||||
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
|
||||
|
@ -33,7 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -59,7 +59,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,7 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -59,7 +59,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,7 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -59,7 +59,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -43,7 +43,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -69,7 +69,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,7 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -59,7 +59,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,7 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -61,7 +61,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,7 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -61,7 +61,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,7 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -61,7 +61,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -43,7 +43,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -71,7 +71,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,7 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -61,7 +61,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,6 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -52,6 +53,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,6 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -52,6 +53,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -33,6 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -52,6 +53,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
@ -43,6 +43,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=from=sources,target=/tmp/src \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -62,6 +63,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
0
Dockerfiles/build-sqlite3/rhel/patches/.gitkeep
Normal file
0
Dockerfiles/build-sqlite3/rhel/patches/.gitkeep
Normal file
@ -33,6 +33,7 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
--mount=type=cache,target=/root/go/ \
|
||||
--mount=type=bind,source=src/,target=/tmp/src \
|
||||
--mount=type=bind,source=patches/,target=/tmp/patches \
|
||||
set -eux && \
|
||||
cd /tmp/ && \
|
||||
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
|
||||
@ -52,6 +53,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
|
||||
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
|
||||
fi && \
|
||||
cd ${ZBX_SOURCES_DIR} && \
|
||||
for patch_filename in /tmp/patches/*.patch; do \
|
||||
if [ -f "$patch_filename" ]; then \
|
||||
patch -p1 < $patch_filename; \
|
||||
fi \
|
||||
done && \
|
||||
zabbix_revision=`git rev-parse --short HEAD` && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
|
||||
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
|
||||
|
0
Dockerfiles/build-sqlite3/ubuntu/patches/.gitkeep
Normal file
0
Dockerfiles/build-sqlite3/ubuntu/patches/.gitkeep
Normal file
@ -108,7 +108,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
|
||||
-G dialout \
|
||||
--uid 1997 \
|
||||
--shell /sbin/nologin \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR}/ \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR} \
|
||||
zabbix && \
|
||||
chgrp zabbix /usr/bin/nmap && \
|
||||
setcap cap_net_raw+eip /usr/bin/nmap && \
|
||||
|
@ -90,7 +90,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
|
||||
-G dialout \
|
||||
--uid 1997 \
|
||||
--shell /sbin/nologin \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR}/ \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR} \
|
||||
zabbix && \
|
||||
chgrp zabbix /usr/bin/nmap && \
|
||||
setcap cap_net_raw+eip /usr/bin/nmap && \
|
||||
|
@ -136,7 +136,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
|
||||
-G dialout \
|
||||
--uid 1997 \
|
||||
--shell /sbin/nologin \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR}/ \
|
||||
--home-dir ${ZABBIX_USER_HOME_DIR} \
|
||||
zabbix && \
|
||||
chgrp zabbix /usr/bin/nmap && \
|
||||
setcap cap_net_raw+eip /usr/bin/nmap && \
|
||||
|
6
build.sh
6
build.sh
@ -42,7 +42,11 @@ else
|
||||
exit 1
|
||||
fi
|
||||
|
||||
DOCKER_BUILDKIT=1 $exec_command build -t "zabbix-$app_component:$os-$version" --build-context sources="../../../sources" --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$(date -u +"%Y-%m-%dT%H:%M:%SZ")" -f Dockerfile .
|
||||
DOCKER_BUILDKIT=1 $exec_command build -t "zabbix-$app_component:$os-$version" \
|
||||
--build-context sources="../../../sources" \
|
||||
--build-arg VCS_REF="$VCS_REF" \
|
||||
--build-arg BUILD_DATE="$(date -u +"%Y-%m-%dT%H:%M:%SZ")" \
|
||||
-f Dockerfile .
|
||||
|
||||
if [ "$type" != "build" ]; then
|
||||
links=""
|
||||
|
Loading…
Reference in New Issue
Block a user