Skip to content

Commit 23bf92b

Browse files
malice00malice00
authored
[build] Fixed usage of nexus for NPM and Python (CycloneDX#2207)
Fixed usage of nexus for NPM and Python Signed-off-by: Roland Asmann <[email protected]>
1 parent e08946b commit 23bf92b

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

43 files changed

+698
-336
lines changed

.github/actions/generate-attach-sbom/action.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -12,12 +12,12 @@ inputs:
1212
platform:
1313
description: The platforms for which to build the image
1414
required: true
15-
tag:
16-
description: All tags for the image
17-
required: true
1815
signing-key:
1916
description: The key to use for signing the SBOM, base64 encoded
2017
required: true
18+
tag:
19+
description: All tags for the image
20+
required: true
2121
target:
2222
description: Which stage in the Dockerfile to build
2323
required: true

.github/workflows/image-build.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,9 +18,10 @@ on:
1818
type: boolean
1919

2020
env:
21+
NEXUS_NPM_REPO_PATH: /repository/npm
2122
NEXUS_PORT: 8081
23+
NEXUS_PYPI_REPO_PATH: /repository/pypi
2224
NEXUS_SERVER: 100.73.146.80
23-
NEXUS_NPM_REPO_PATH: /repository/npm
2425
REPO: ghcr.io
2526
TAG: v11
2627
TEAM: cyclonedx
@@ -68,6 +69,7 @@ jobs:
6869
cat >> "$GITHUB_OUTPUT" << EOF
6970
docker-args<<VALUE
7071
"NPM_REPO=$NPM_REPO"
72+
"PIP_CONFIG=[global]\nindex-url=http://$NEXUS_SERVER:$NEXUS_PORT$NEXUS_PYPI_REPO_PATH/simple\ntrusted-host=$NEXUS_SERVER"
7173
VALUE
7274
EOF
7375
- name: Install project dependencies

ci/images/Dockerfile.dotnet7

Lines changed: 17 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
FROM registry.suse.com/bci/dotnet-sdk:7.0 AS base
33

44
ARG NPM_REPO
5+
ARG PIP_CONFIG
56

67
ENV DOTNET_CLI_TELEMETRY_OPTOUT=1 \
78
DOTNET_GENERATE_ASPNET_CERTIFICATE=false \
@@ -16,9 +17,13 @@ ENV DOTNET_CLI_TELEMETRY_OPTOUT=1 \
1617
RUN set -e; \
1718
if [ -n "$NPM_REPO" ]; then \
1819
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
19-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
20-
fi \
21-
&& zypper refresh \
20+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
21+
fi; \
22+
if [ -n "$PIP_CONFIG" ]; then \
23+
mkdir $HOME/.pip/; \
24+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
25+
fi; \
26+
zypper refresh \
2227
&& zypper \
2328
--non-interactive \
2429
update \
@@ -46,7 +51,7 @@ RUN set -e; \
4651
blint \
4752
&& npm install -g \
4853
corepack \
49-
&& rm -rf $HOME/.npmrc \
54+
&& rm -rf $HOME/.npmrc $HOME/.pip \
5055
&& zypper clean -a
5156

5257
CMD ["/bin/bash"]
@@ -66,9 +71,13 @@ COPY . /opt/cdxgen
6671
RUN set -e; \
6772
if [ -n "$NPM_REPO" ]; then \
6873
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
69-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
70-
fi \
71-
&& ARCH_NAME="$(rpm --eval '%{_arch}')"; \
74+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
75+
fi; \
76+
if [ -n "$PIP_CONFIG" ]; then \
77+
mkdir $HOME/.pip/; \
78+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
79+
fi; \
80+
ARCH_NAME="$(rpm --eval '%{_arch}')"; \
7281
case "${ARCH_NAME##*-}" in \
7382
'amd64' | 'x86_64') \
7483
DOSAI_ARCH_SUFFIX='-full'; \
@@ -95,7 +104,7 @@ RUN set -e; \
95104
&& dosai --help \
96105
&& mkdir -p ${NODE_COMPILE_CACHE} \
97106
&& node /opt/cdxgen/bin/cdxgen.js --help \
98-
&& rm -rf $HOME/.npmrc /root/.cache/node \
107+
&& rm -rf $HOME/.npmrc $HOME/.pip /root/.cache/node \
99108
&& chmod a-w -R /opt
100109

101110
WORKDIR /app

ci/images/Dockerfile.dotnet8

Lines changed: 17 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
FROM registry.suse.com/bci/dotnet-sdk:8.0 AS base
33

44
ARG NPM_REPO
5+
ARG PIP_CONFIG
56

67
ENV DOTNET_CLI_TELEMETRY_OPTOUT=1 \
78
DOTNET_GENERATE_ASPNET_CERTIFICATE=false \
@@ -16,9 +17,13 @@ ENV DOTNET_CLI_TELEMETRY_OPTOUT=1 \
1617
RUN set -e; \
1718
if [ -n "$NPM_REPO" ]; then \
1819
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
19-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
20-
fi \
21-
&& zypper refresh \
20+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
21+
fi; \
22+
if [ -n "$PIP_CONFIG" ]; then \
23+
mkdir $HOME/.pip/; \
24+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
25+
fi; \
26+
zypper refresh \
2227
&& zypper \
2328
--non-interactive \
2429
update \
@@ -47,7 +52,7 @@ RUN set -e; \
4752
&& dotnet --list-sdks \
4853
&& npm install -g \
4954
corepack \
50-
&& rm -rf $HOME/.npmrc \
55+
&& rm -rf $HOME/.npmrc $HOME/.pip \
5156
&& zypper clean -a
5257

5358
CMD ["/bin/bash"]
@@ -67,9 +72,13 @@ COPY . /opt/cdxgen
6772
RUN set -e; \
6873
if [ -n "$NPM_REPO" ]; then \
6974
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
70-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
71-
fi \
72-
&& ARCH_NAME="$(rpm --eval '%{_arch}')"; \
75+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
76+
fi; \
77+
if [ -n "$PIP_CONFIG" ]; then \
78+
mkdir $HOME/.pip/; \
79+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
80+
fi; \
81+
ARCH_NAME="$(rpm --eval '%{_arch}')"; \
7382
case "${ARCH_NAME##*-}" in \
7483
'amd64' | 'x86_64') \
7584
DOSAI_ARCH_SUFFIX='-full'; \
@@ -96,7 +105,7 @@ RUN set -e; \
96105
&& dosai --help \
97106
&& mkdir -p ${NODE_COMPILE_CACHE} \
98107
&& node /opt/cdxgen/bin/cdxgen.js --help \
99-
&& rm -rf $HOME/.npmrc /root/.cache/node \
108+
&& rm -rf $HOME/.npmrc $HOME/.pip /root/.cache/node \
100109
&& chmod a-w -R /opt
101110

102111
WORKDIR /app

ci/images/Dockerfile.dotnet9

Lines changed: 17 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
FROM registry.suse.com/bci/dotnet-sdk:9.0 AS base
33

44
ARG NPM_REPO
5+
ARG PIP_CONFIG
56

67
ENV DOTNET_CLI_TELEMETRY_OPTOUT=1 \
78
DOTNET_GENERATE_ASPNET_CERTIFICATE=false \
@@ -16,9 +17,13 @@ ENV DOTNET_CLI_TELEMETRY_OPTOUT=1 \
1617
RUN set -e; \
1718
if [ -n "$NPM_REPO" ]; then \
1819
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
19-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
20-
fi \
21-
&& zypper refresh \
20+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
21+
fi; \
22+
if [ -n "$PIP_CONFIG" ]; then \
23+
mkdir $HOME/.pip/; \
24+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
25+
fi; \
26+
zypper refresh \
2227
&& zypper \
2328
--non-interactive \
2429
update \
@@ -47,7 +52,7 @@ RUN set -e; \
4752
&& dotnet --list-sdks \
4853
&& npm install -g \
4954
corepack \
50-
&& rm -rf $HOME/.npmrc \
55+
&& rm -rf $HOME/.npmrc $HOME/.pip \
5156
&& zypper clean -a
5257

5358
CMD ["/bin/bash"]
@@ -66,9 +71,13 @@ COPY . /opt/cdxgen
6671
RUN set -e; \
6772
if [ -n "$NPM_REPO" ]; then \
6873
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
69-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
70-
fi \
71-
&& cd /opt/cdxgen \
74+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
75+
fi; \
76+
if [ -n "$PIP_CONFIG" ]; then \
77+
mkdir $HOME/.pip/; \
78+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
79+
fi; \
80+
cd /opt/cdxgen \
7281
&& corepack enable \
7382
&& corepack pnpm install \
7483
--config.strict-dep-builds=true \
@@ -78,7 +87,7 @@ RUN set -e; \
7887
&& corepack pnpm cache delete \
7988
&& mkdir -p ${NODE_COMPILE_CACHE} \
8089
&& node /opt/cdxgen/bin/cdxgen.js --help \
81-
&& rm -rf $HOME/.npmrc /root/.cache/node \
90+
&& rm -rf $HOME/.npmrc $HOME/.pip /root/.cache/node \
8291
&& chmod a-w -R /opt
8392

8493
WORKDIR /app

ci/images/Dockerfile.java11

Lines changed: 18 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ FROM registry.suse.com/bci/openjdk-devel:11 AS base
44
ARG GRADLE_VERSION=7.6.4
55
ARG MAVEN_VERSION=3.6.3
66
ARG NPM_REPO
7+
ARG PIP_CONFIG
78
ARG SBT_VERSION=1.8.3
89

910
ENV GRADLE_HOME="/opt/gradle/${GRADLE_VERSION}" \
@@ -23,9 +24,13 @@ ENV PATH=${PATH}:/usr/local/bin:${MAVEN_HOME}/bin:${GRADLE_HOME}/bin:${SBT_HOME}
2324
RUN set -e; \
2425
if [ -n "$NPM_REPO" ]; then \
2526
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
26-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
27-
fi \
28-
&& ARCH_NAME="$(rpm --eval '%{_arch}')"; \
27+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
28+
fi; \
29+
if [ -n "$PIP_CONFIG" ]; then \
30+
mkdir $HOME/.pip/; \
31+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
32+
fi; \
33+
ARCH_NAME="$(rpm --eval '%{_arch}')"; \
2934
case "${ARCH_NAME##*-}" in \
3035
'amd64' | 'x86_64') \
3136
GOBIN_VERSION='amd64'; \
@@ -58,7 +63,7 @@ RUN set -e; \
5863
wget \
5964
zip \
6065
&& curl -s "https://get.sdkman.io" | bash \
61-
&& echo -e "sdkman_auto_answer=true\nsdkman_selfupdate_feature=false\nsdkman_auto_env=true\nsdkman_curl_connect_timeout=20\nsdkman_curl_max_time=0" \
66+
&& printf "sdkman_auto_answer=true\nsdkman_selfupdate_feature=false\nsdkman_auto_env=true\nsdkman_curl_connect_timeout=20\nsdkman_curl_max_time=0" \
6267
>> $HOME/.sdkman/etc/config \
6368
&& source "$HOME/.sdkman/bin/sdkman-init.sh" \
6469
&& sdk install maven $MAVEN_VERSION \
@@ -71,7 +76,7 @@ RUN set -e; \
7176
&& bazel --version \
7277
&& npm install -g \
7378
corepack \
74-
&& rm -rf $HOME/.npmrc \
79+
&& rm -rf $HOME/.npmrc $HOME/.pip \
7580
&& zypper clean -a
7681

7782
CMD ["/bin/bash"]
@@ -90,9 +95,13 @@ COPY . /opt/cdxgen
9095
RUN set -e; \
9196
if [ -n "$NPM_REPO" ]; then \
9297
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
93-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
94-
fi \
95-
&& cd /opt/cdxgen \
98+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
99+
fi; \
100+
if [ -n "$PIP_CONFIG" ]; then \
101+
mkdir $HOME/.pip/; \
102+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
103+
fi; \
104+
cd /opt/cdxgen \
96105
&& corepack enable \
97106
&& corepack pnpm install \
98107
--config.strict-dep-builds=true \
@@ -102,7 +111,7 @@ RUN set -e; \
102111
&& corepack pnpm cache delete \
103112
&& mkdir -p ${NODE_COMPILE_CACHE} \
104113
&& node /opt/cdxgen/bin/cdxgen.js --help \
105-
&& rm -rf $HOME/.npmrc /root/.cache/node \
114+
&& rm -rf $HOME/.npmrc $HOME/.pip /root/.cache/node \
106115
&& chmod a-w -R /opt
107116

108117
WORKDIR /app

ci/images/Dockerfile.java17

Lines changed: 18 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ FROM registry.suse.com/bci/openjdk-devel:17 AS base
44
ARG GRADLE_VERSION=8.14.2
55
ARG MAVEN_VERSION=3.9.10
66
ARG NPM_REPO
7+
ARG PIP_CONFIG
78
ARG SBT_VERSION=1.11.2
89
ARG SCALA_VERSION=3.6.4
910

@@ -26,9 +27,13 @@ ENV PATH=${PATH}:/usr/local/bin:${PYTHONPATH}/bin:${MAVEN_HOME}/bin:${GRADLE_HOM
2627
RUN set -e; \
2728
if [ -n "$NPM_REPO" ]; then \
2829
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
29-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
30-
fi \
31-
&& ARCH_NAME="$(rpm --eval '%{_arch}')"; \
30+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
31+
fi; \
32+
if [ -n "$PIP_CONFIG" ]; then \
33+
mkdir $HOME/.pip/; \
34+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
35+
fi; \
36+
ARCH_NAME="$(rpm --eval '%{_arch}')"; \
3237
case "${ARCH_NAME##*-}" in \
3338
'amd64' | 'x86_64') \
3439
GOBIN_VERSION='amd64'; \
@@ -61,7 +66,7 @@ RUN set -e; \
6166
wget \
6267
zip \
6368
&& curl -s "https://get.sdkman.io" | bash \
64-
&& echo -e "sdkman_auto_answer=true\nsdkman_selfupdate_feature=false\nsdkman_auto_env=true\nsdkman_curl_connect_timeout=20\nsdkman_curl_max_time=0" \
69+
&& printf "sdkman_auto_answer=true\nsdkman_selfupdate_feature=false\nsdkman_auto_env=true\nsdkman_curl_connect_timeout=20\nsdkman_curl_max_time=0" \
6570
>> $HOME/.sdkman/etc/config \
6671
&& source "$HOME/.sdkman/bin/sdkman-init.sh" \
6772
&& sdk install maven $MAVEN_VERSION \
@@ -81,7 +86,7 @@ RUN set -e; \
8186
&& atom-tools --help \
8287
&& npm install -g \
8388
corepack \
84-
&& rm -rf $HOME/.npmrc \
89+
&& rm -rf $HOME/.npmrc $HOME/.pip \
8590
&& zypper clean -a
8691

8792
CMD ["/bin/bash"]
@@ -100,9 +105,13 @@ COPY . /opt/cdxgen
100105
RUN set -e; \
101106
if [ -n "$NPM_REPO" ]; then \
102107
export COREPACK_NPM_REGISTRY=$NPM_REPO; \
103-
echo -e "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
104-
fi \
105-
&& cd /opt/cdxgen \
108+
printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO" > $HOME/.npmrc; \
109+
fi; \
110+
if [ -n "$PIP_CONFIG" ]; then \
111+
mkdir $HOME/.pip/; \
112+
printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
113+
fi; \
114+
cd /opt/cdxgen \
106115
&& corepack enable \
107116
&& corepack pnpm install \
108117
--config.strict-dep-builds=true \
@@ -112,7 +121,7 @@ RUN set -e; \
112121
&& corepack pnpm cache delete \
113122
&& mkdir -p ${NODE_COMPILE_CACHE} \
114123
&& node /opt/cdxgen/bin/cdxgen.js --help \
115-
&& rm -rf $HOME/.npmrc /root/.cache/node \
124+
&& rm -rf $HOME/.npmrc $HOME/.pip /root/.cache/node \
116125
&& chmod a-w -R /opt
117126

118127
WORKDIR /app

0 commit comments

Comments
 (0)