Enable Dex Server builds in PR checks and Push pipelines (#5134)

Jonsy13 · web-flow · commit 898360115c85 · 2025-05-21T17:04:56.000+05:30
* Enable Dex Server builds

Signed-off-by: Jonsy13 &lt;vedant.shrotria@harness.io&gt;

* Enable Dex Server builds

Signed-off-by: Jonsy13 &lt;vedant.shrotria@harness.io&gt;

* Enable Dex Server builds

Signed-off-by: Jonsy13 &lt;vedant.shrotria@harness.io&gt;

* Enable Dex Server builds

Signed-off-by: Jonsy13 &lt;vedant.shrotria@harness.io&gt;

* Enable Dex Server builds

Signed-off-by: Jonsy13 &lt;vedant.shrotria@harness.io&gt;

* Enable Dex Server builds

Signed-off-by: Jonsy13 &lt;vedant.shrotria@harness.io&gt;

* Enable Dex Server builds

Signed-off-by: Jonsy13 &lt;vedant.shrotria@harness.io&gt;

---------

Signed-off-by: Jonsy13 &lt;vedant.shrotria@harness.io&gt;
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -18,8 +18,7 @@ jobs:
       authentication: ${{ steps.filter.outputs.authentication }}
       subscriber: ${{ steps.filter.outputs.subscriber }}
       event-tracker: ${{ steps.filter.outputs.event-tracker }}
-      # upgrade-agent-cp: ${{ steps.filter.outputs.upgrade-agent-cp }}
-      # dex-server: ${{ steps.filter.outputs.dex-server }}
+      dex-server: ${{ steps.filter.outputs.dex-server }}
     steps:
       # For pull requests it's not necessary to checkout the code
       - uses: dorny/paths-filter@v3
@@ -36,10 +35,8 @@ jobs:
               - 'chaoscenter/subscriber/**'
             event-tracker:
               - 'chaoscenter/event-tracker/**'
-            # upgrade-agent-cp:
-            #   - 'chaoscenter/upgrade-agents/control-plane/**'
-            # dex-server:
-            #   - 'chaoscenter/dex-server/**'
+            dex-server:
+              - 'chaoscenter/dex-server/**'
 
   gitleaks-scan:
     runs-on: ubuntu-latest
@@ -56,7 +53,7 @@ jobs:
   backend-checks:
     runs-on: ubuntu-latest
     needs: changes
-    if: needs.changes.outputs.graphql-server == 'true' || needs.changes.outputs.authentication == 'true' || needs.changes.outputs.subscriber == 'true' || needs.changes.outputs.event-tracker == 'true'
+    if: needs.changes.outputs.graphql-server == 'true' || needs.changes.outputs.authentication == 'true' || needs.changes.outputs.subscriber == 'true' || needs.changes.outputs.event-tracker == 'true' || needs.changes.outputs.dex-server == 'true'
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -264,43 +261,28 @@ jobs:
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
 
-  # docker-build-upgrade-agent-cp:
-  #   runs-on: ubuntu-latest
-  #   needs:
-  #     - backend-checks
-  #     - changes
-  #     - backend-unit-tests
-  #   if: ${{ needs.changes.outputs.upgrade-agent-cp == 'true' }}
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v2
-  #     - name: Build control plane upgrade agent docker image
-  #       shell: bash
-  #       run: |
-  #         cd chaoscenter/upgrade-agents/control-plane
-  #         docker build . -f Dockerfile -t docker.io/litmuschaos/upgrade-agent-cp:${{ github.sha }} --build-arg TARGETARCH=amd64
-  #     - name: Run Trivy vulnerability scanner
-  #       uses: aquasecurity/trivy-action@master
-  #       with:
-  #         image-ref: 'docker.io/litmuschaos/upgrade-agent-cp:${{ github.sha }}'
-  #         format: 'table'
-  #         exit-code: '1'
-  #         ignore-unfixed: true
-  #         vuln-type: 'os,library'
-  #         severity: 'CRITICAL,HIGH'             
+  docker-build-dex-server:
+    runs-on: ubuntu-latest
+    needs:
+      - backend-checks
+      - changes
+    if: ${{ needs.changes.outputs.dex-server == 'true' }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
 
-  # docker-build-dex-server:
-  #   runs-on: ubuntu-latest
-  #   needs:
-  #     - backend-checks
-  #     - changes
-  #     - backend-unit-tests
-  #   if: needs.changes.outputs.dex-server == 'true'
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v2
-  #     - name: Build dex-server docker image
-  #       shell: bash
-  #       run: |
-  #         cd chaoscenter/dex-server
-  #         docker images && docker build . -f Dockerfile --build-arg TARGETARCH=amd64
+      - name: Build dex-server docker image
+        shell: bash
+        run: |
+          cd chaoscenter/dex-server
+          docker images && docker build . -f Dockerfile -t docker.io/litmuschaos/litmusportal-dex-server:${{ github.sha }} --build-arg TARGETARCH=amd64
+
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'docker.io/litmuschaos/litmusportal-dex-server:${{ github.sha }}'
+          format: 'table'
+          exit-code: '0'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
@@ -59,8 +59,7 @@ jobs:
           echo export FRONTEND_IMAGE="litmusportal-frontend" >> env-vars
           echo export SUBSCRIBER_IMAGE="litmusportal-subscriber" >> env-vars
           echo export EVENT_TRACKER="litmusportal-event-tracker" >> env-vars
-          # echo export UPGRADE_AGENT_CP="upgrade-agent-cp" >> env-vars
-          # echo export DEX_SERVER="litmusportal-dex-server" >> env-vars
+          echo export DEX_SERVER="litmusportal-dex-server" >> env-vars
 
       - name: Uploading envs
         uses: actions/upload-artifact@v4
@@ -280,3 +279,42 @@ jobs:
           FRONTEND_IMAGE=${{ matrix.frontend.image_name }}
           timestamp=`date "+%s"`
           make push-frontend
+
+
+  docker-build-and-push-dex-server:
+    runs-on: ubuntu-latest
+    needs:
+      - get-envs
+      - backend-checks
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+        with:
+          version: latest
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+        with:
+          version: latest
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Push dex server docker image
+        env:
+          IMAGE_NAME: ${DEX_SERVER}
+          IMG_TAG: ${IMG_TAG}
+          PLATFORMS: ${{ secrets.PLATFORMS }}
+          REPONAME: ${{ secrets.REPONAME }}
+          DIRECTORY: "dex-server"
+        run: |
+          source env-vars
+          make push-portal-component
diff --git a/chaoscenter/dex-server/Dockerfile b/chaoscenter/dex-server/Dockerfile
@@ -1,3 +1,3 @@
-FROM ghcr.io/dexidp/dex:latest
+FROM ghcr.io/dexidp/dex:v2.43.0
 ENV DEX_FRONTEND_DIR=/srv/dex/web
 COPY --chown=root:root web /srv/dex/web
diff --git a/chaoscenter/dex-server/web/web.go b/chaoscenter/dex-server/web/web.go
@@ -8,7 +8,7 @@ import (
 //go:embed static/* templates/* themes/*
 var files embed.FS
 
-// FS returns a filesystem with the default web assets.
+// FS returns a filesystem with the default web assets
 func FS() fs.FS {
 	return files
 }

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@ import (`
`8`	`8`	`//go:embed static/* templates/* themes/*`
`9`	`9`	`var files embed.FS`
`10`	`10`
`11`		`-// FS returns a filesystem with the default web assets.`
	`11`	`+// FS returns a filesystem with the default web assets`
`12`	`12`	`func FS() fs.FS {`
`13`	`13`	`return files`
`14`	`14`	`}`