From b4d8b1a6b43efbd01c347db8e458bd030eefd722 Mon Sep 17 00:00:00 2001 From: Marlon Saglia Date: Tue, 25 Feb 2025 14:33:30 +0100 Subject: [PATCH 1/3] feat(mend): update Mend CLI scan workflow configuration --- .github/workflows/mend.yaml | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/.github/workflows/mend.yaml b/.github/workflows/mend.yaml index e50ccd6..b9a21f4 100644 --- a/.github/workflows/mend.yaml +++ b/.github/workflows/mend.yaml @@ -2,19 +2,25 @@ name: Mend CLI Scan on: workflow_dispatch: - inputs: - image: - description: 'Image to scan' - required: true - default: 'docker.io/vespaengine/vespa:8' - -env: - IMAGE: ${{ inputs.image }} + pull_request: + branches: [master] + push: + branches: [master] jobs: mend: runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + image: + - 'docker.io/vespaengine/vespa:8' + - 'docker.io/vespaengine/vespa-build-almalinux-8:latest' + - 'docker.io/vespaengine/vespa-dev-almalinux-8:latest' + - 'docker.io/vespaengine/vespa-build-almalinux-9:latest' + - 'docker.io/vespaengine/vespa-dev-almalinux-9:latest' + steps: - name: Downloading Mend CLI run: | @@ -27,4 +33,4 @@ jobs: MEND_USER_KEY: ${{secrets.MEND_USER_KEY}} MEND_URL: https://saas-eu.mend.io run: | - mend image "$IMAGE" + mend image "${{ matrix.image }}" From 2d08b3401a5d49f5b016b5472bf8d14ddb0028d1 Mon Sep 17 00:00:00 2001 From: Marlon Saglia Date: Tue, 25 Feb 2025 15:25:42 +0100 Subject: [PATCH 2/3] feat(ci): add disk space cleanup step in Mend workflow --- .github/workflows/mend.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/mend.yaml b/.github/workflows/mend.yaml index b9a21f4..4bfa7f8 100644 --- a/.github/workflows/mend.yaml +++ b/.github/workflows/mend.yaml @@ -22,6 +22,13 @@ jobs: - 'docker.io/vespaengine/vespa-dev-almalinux-9:latest' steps: + - name: Free disk space + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + large-packages: false + docker-images: false + swap-storage: false + - name: Downloading Mend CLI run: | echo Downloading Mend CLI From afe8238a6f72ddf62264aa4860f0f5b959e4f659 Mon Sep 17 00:00:00 2001 From: Marlon Saglia Date: Wed, 26 Feb 2025 13:48:28 +0100 Subject: [PATCH 3/3] ci: enhance mend workflow with detailed image scanning logs --- .github/workflows/mend.yaml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/.github/workflows/mend.yaml b/.github/workflows/mend.yaml index 4bfa7f8..4cca13e 100644 --- a/.github/workflows/mend.yaml +++ b/.github/workflows/mend.yaml @@ -39,5 +39,16 @@ jobs: MEND_EMAIL: ${{secrets.MEND_EMAIL}} MEND_USER_KEY: ${{secrets.MEND_USER_KEY}} MEND_URL: https://saas-eu.mend.io + IMAGE: ${{ matrix.image }} run: | - mend image "${{ matrix.image }}" + echo "Scanning image ${IMAGE}" + + # Project is everything after the last slash (typically: vespa...:8) + MEND_PROJECT=${IMAGE##*/} + echo "Project: ${MEND_PROJECT}" + + # Application is everything before the last slash (typically: docker.io/vespaengine) + MEND_APPLICATION=${IMAGE%/*} + echo "Application: ${MEND_APPLICATION}" + + mend image "${IMAGE}" --scope "Vespa.ai//${MEND_APPLICATION}//${MEND_PROJECT}"