-
Notifications
You must be signed in to change notification settings - Fork 124
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Publish nativelink-worker image for C++ (#794)
This should make it easier to spin up test instances for C++ projects. The nativelink worker image may now be fetched from: ``` ghcr.io/tracemachina/nativelink-worker-lre-cc:<sometag> ``` Since the toolchain images are somewhat more complex than the minimal `nativelink` image, we now use trivy to scan images for vulnerabilities. The database for these scans is fetched dynamically. This breaks perfect reproducibility for the image publishing workflow when rolling back/reverting, but ensures that new commits aren't checked against outdated vulnerability databases.
- Loading branch information
1 parent
f601cd0
commit 646253d
Showing
6 changed files
with
48 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -13,3 +13,4 @@ __pycache__ | |
result | ||
.bazelrc.user | ||
MODULE.bazel.lock | ||
trivy-results.sarif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters