Update CircleCI configuration for pushing to container registries (#23)

* Add CircleCI image registry configuration * fix nancy * fix nancy --------- Co-authored-by: Nick Jüttner <[email protected]>
giantswarm · Nov 29, 2023 · cf7441c · cf7441c
1 parent 1637ec8
commit cf7441c
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 54 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -1,70 +1,66 @@
 version: 2.1
 orbs:
-  architect: giantswarm/architect@4.33.0
+  architect: giantswarm/architect@4.35.5
 
 jobs:
   unit-tests:
     executor: architect/architect
     steps:
-    - checkout
-    - run:
-        name: "Run unit tests"
-        command: CGO_ENABLED=0 make test-unit
+      - checkout
+      - run:
+          name: "Run unit tests"
+          command: CGO_ENABLED=0 make test-unit
 
 workflows:
   package-and-push-chart-on-tag:
     jobs:
-    - architect/go-build:
-        context: architect
-        name: go-build
-        binary: azure-private-endpoint-operator
-        resource_class: xlarge
-        filters:
-          tags:
-            only: /^v.*/
+      - architect/go-build:
+          context: architect
+          name: go-build
+          binary: azure-private-endpoint-operator
+          resource_class: xlarge
+          filters:
+            tags:
+              only: /^v.*/
 
-    - unit-tests:
-        requires:
-        - go-build
-        filters:
-          tags:
-            only: /^v.*/
+      - unit-tests:
+          requires:
+            - go-build
+          filters:
+            tags:
+              only: /^v.*/
 
-    - architect/push-to-docker:
-        context: "architect"
-        name: push-azure-private-endpoint-operator-to-quay
-        image: "quay.io/giantswarm/azure-private-endpoint-operator"
-        username_envar: "QUAY_USERNAME"
-        password_envar: "QUAY_PASSWORD"
-        requires:
-        - unit-tests
-        filters:
+      - architect/push-to-registries:
+          context: architect
+          name: push-to-registries
+          requires:
+            - unit-tests
+          filters:
           # Trigger the job also on git tag.
-          tags:
-            only: /^v.*/
+            tags:
+              only: /^v.*/
 
-    - architect/push-to-app-catalog:
-        context: "architect"
-        name: push-to-app-catalog
-        app_catalog: "control-plane-catalog"
-        app_catalog_test: "control-plane-test-catalog"
-        chart: "azure-private-endpoint-operator"
-        requires:
-        - push-azure-private-endpoint-operator-to-quay
-        # Trigger job on git tag.
-        filters:
-          tags:
-            only: /^v.*/
+      - architect/push-to-app-catalog:
+          context: "architect"
+          name: push-to-app-catalog
+          app_catalog: "control-plane-catalog"
+          app_catalog_test: "control-plane-test-catalog"
+          chart: "azure-private-endpoint-operator"
+          requires:
+            - push-to-registries
+          filters:
+            tags:
+              only: /^v.*/
 
-    - architect/push-to-app-collection:
-        context: architect
-        name: push-to-capz-app-collection
-        app_name: "azure-private-endpoint-operator"
-        app_collection_repo: "capz-app-collection"
-        requires:
-        - push-to-app-catalog
-        filters:
-          branches:
-            ignore: /.*/
-          tags:
-            only: /^v.*/
+      - architect/push-to-app-collection:
+          context: architect
+          name: push-to-capz-app-collection
+          app_name: "azure-private-endpoint-operator"
+          app_collection_repo: "capz-app-collection"
+          requires:
+            - push-to-app-catalog
+          filters:
+            branches:
+              ignore: /.*/
+            tags:
+              only: /^v.*/
diff --git a/.nancy-ignore b/.nancy-ignore
@@ -1,2 +1,4 @@
 # https://ossindex.sonatype.org/vulnerability/CVE-2020-8561
 CVE-2020-8561
+CVE-2023-39325
+CVE-2023-3978