From 912fbad0f3e8f1edbe9b2bc055e3f4eebe7baaab Mon Sep 17 00:00:00 2001
From: Mohamed Hisham Abdelzaher
Date: Tue, 4 Nov 2025 16:45:48 +0200
Subject: [PATCH 01/20] Update Renovate configuration file
---
.github/renovate.json | 17 +----------------
1 file changed, 1 insertion(+), 16 deletions(-)
diff --git a/.github/renovate.json b/.github/renovate.json
index 74099f6b..ba35de33 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -1,16 +1 @@
-{
- "$schema": "https://docs.renovatebot.com/renovate-schema.json",
- "extends": [
- "config:best-practices"
- ],
- "lockFileMaintenance": {
- "enabled": true,
- "labels": [
- "Lockfile",
- "dependencies"
- ]
- },
- "ignorePaths": [
- "pyproject.toml"
- ]
-}
+Renovate
From 6f2d3bfb1ea930ae4c343a024ec7c7ce5a8602fd Mon Sep 17 00:00:00 2001
From: Mohamed Hisham Abdelzaher
Date: Tue, 4 Nov 2025 16:46:39 +0200
Subject: [PATCH 02/20] Configure Renovate with best practices and alerts
---
.github/renovate.json | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/.github/renovate.json b/.github/renovate.json
index ba35de33..22474119 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -1 +1,18 @@
-Renovate
+{
+ "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+ "extends": [
+ "config:best-practices"
+ ],
+ "lockFileMaintenance": {
+ "enabled": true,
+ "labels": [
+ "Lockfile",
+ "dependencies"
+ ]
+ },
+ "osvVulnerabilityAlerts": true,
+ "dependencyDashboardOSVVulnerabilitySummary": "all",
+ "ignorePaths": [
+ "pyproject.toml"
+ ]
+}
From 148a23c2b13307e3917ca2ed52142c1fa022a993 Mon Sep 17 00:00:00 2001
From: Mohamed Hisham Abdelzaher
Date: Tue, 4 Nov 2025 16:48:35 +0200
Subject: [PATCH 03/20] Update Mergify configuration to remove branch deletion Removed the action to delete branches after closing pull requests and commented out the CodeRabbit check.
---
.github/mergify.yml | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/.github/mergify.yml b/.github/mergify.yml index 97a67be7..715aa1c8 100644 --- a/.github/mergify.yml +++ b/.github/mergify.yml @@ -14,11 +14,6 @@ pull_request_rules: - files = .trunk/trunk.yaml actions: merge: - - name: Delete branch after close - conditions: - - closed - actions: - delete_head_branch: - name: Comment when a pull request is merged conditions: - merged @@ -83,6 +78,6 @@ queue_rules: - check-success = GitGuardian Security Checks - check-success = SonarCloud - check-success = Trunk Check - - check-success = CodeRabbit - check-success = Test Image / API Test - check-success = CodeQL + # - check-success = CodeRabbit From 0e6f0f159da5d3818224a513faa56873b88e5dc6 Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 16:53:24 +0200 Subject: [PATCH 04/20] Delete .br directory --- .br/ace/playbook.json | 5 ----- .br/config.json | 7 ------- 2 files changed, 12 deletions(-) delete mode 100644 .br/ace/playbook.json delete mode 100644 .br/config.json diff --git a/.br/ace/playbook.json b/.br/ace/playbook.json deleted file mode 100644 index 43b7ea3f..00000000 --- a/.br/ace/playbook.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "bullets": {}, - "nextId": 1, - "sections": {} -} \ No newline at end of file diff --git a/.br/config.json b/.br/config.json deleted file mode 100644 index b54293ef..00000000 --- a/.br/config.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "createdAt": "2025-11-03T19:08:19.353Z", - "spaceId": "1a86d3f1-81e7-4e52-8429-16137a0a2b62", - "spaceName": "my-space", - "teamId": "77d3ae69-f283-472f-8868-74f23f519983", - "teamName": "MH0386" -} \ No newline at end of file From f4d4b62c9cfb0f040226df1fe4c6bc26b0cd7474 Mon Sep 17 00:00:00 2001 
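Review bot: The commented-out `# - check-success = CodeRabbit` at the end of the second mergify.yml hunk leaves no record of why a required merge-queue check was dropped or whether the removal is temporary. Either delete the line or put the reason next to it, for example `# - check-success = CodeRabbit  # disabled: <reason>, re-enable when <condition>`. The queue rule's condition list begins outside the hunk, so confirm that the remaining checks are still the merge gate you intend.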
From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 18:23:56 +0200 Subject: [PATCH 05/20] Switch all workflows to use ubuntu-slim for improved performance and increase space. --- .github/workflows/.docker.yaml | 10 +++++----- .github/workflows/.lint.yaml | 4 ++-- .github/workflows/build.yaml | 4 ++-- .github/workflows/ci_tools.yaml | 4 ++-- .github/workflows/release.yaml | 2 +- .github/workflows/test.yaml | 2 +- .github/workflows/version.yaml | 2 +- 7 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index e68f236a..f7e6ca7d 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -22,7 +22,7 @@ permissions: jobs: check_dockerfile: name: Validate Dockerfile - runs-on: ubuntu-latest + runs-on: ubuntu-slim if: ${{ inputs.is_test }} environment: name: code_quality @@ -55,7 +55,7 @@ jobs: name: Build and push Docker image to ${{ inputs.registry }} needs: check_dockerfile if: ${{ always() && !cancelled() }} - runs-on: ubuntu-latest + runs-on: ubuntu-slim outputs: image_tag: ${{ steps.tag.outputs.TAG }} environment: @@ -126,7 +126,7 @@ jobs: name: Docker Scout (${{ matrix.commands }}) needs: build_image if: ${{ always() && !cancelled() }} - runs-on: ubuntu-latest + runs-on: ubuntu-slim environment: name: docker_image strategy: @@ -155,7 +155,7 @@ jobs: api_test: name: API Test needs: build_image - runs-on: ubuntu-latest + runs-on: ubuntu-slim if: ${{ always() && !cancelled() && inputs.is_test }} environment: name: api_test @@ -194,7 +194,7 @@ jobs: - api_test - docker_scout if: ${{ always() && !cancelled() && inputs.registry == 'ghcr.io' }} - runs-on: ubuntu-latest + runs-on: ubuntu-slim environment: name: docker_image steps: diff --git a/.github/workflows/.lint.yaml b/.github/workflows/.lint.yaml index dd1d058b..ca4c2c16 100644 --- a/.github/workflows/.lint.yaml +++ b/.github/workflows/.lint.yaml 
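Review bot: The five `runs-on: ubuntu-slim` changes in .docker.yaml move jobs that log in to a registry and build and push images onto a runner class that, as far as I know, GitHub runs as a single-CPU container rather than a full VM and with a short job time limit. That is at odds with the stated goal of more performance and space, and the later patches in this series that try to install Docker suggest no daemon is present there. The same switch is applied in .lint.yaml, build.yaml, ci_tools.yaml, release.yaml, test.yaml and version.yaml, including jobs that hold `contents: write` or `id-token: write`. I would keep `runs-on: ubuntu-latest` for the image-build, scan and release jobs and use `ubuntu-slim` only for short jobs that need neither Docker nor publishing credentials, after confirming the runner's isolation model and limits in the current runner documentation. Each job body continues outside its hunk.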
@@ -8,7 +8,7 @@ permissions: jobs: format: name: Format - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: contents: write environment: @@ -37,7 +37,7 @@ jobs: commit_options: '--no-verify' check: name: Check - runs-on: ubuntu-latest + runs-on: ubuntu-slim environment: name: code_quality needs: format diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 798109ea..d3d414e4 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -20,7 +20,7 @@ jobs: UV_LINK_MODE: "copy" permissions: contents: write - runs-on: ubuntu-latest + runs-on: ubuntu-slim steps: - name: Checkout Code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 @@ -64,7 +64,7 @@ jobs: github_release: name: Create GitHub Release needs: setup_and_build - runs-on: ubuntu-latest + runs-on: ubuntu-slim environment: name: github url: ${{github.event.repository.html_url}}/releases/tag/${{github.ref_name}} diff --git a/.github/workflows/ci_tools.yaml b/.github/workflows/ci_tools.yaml index 61fe6d75..e4a4e07e 100644 --- a/.github/workflows/ci_tools.yaml +++ b/.github/workflows/ci_tools.yaml @@ -15,7 +15,7 @@ concurrency: jobs: trunk_upgrade: name: Upgrade Trunk - runs-on: ubuntu-latest + runs-on: ubuntu-slim if: github.event_name == 'schedule' permissions: contents: write @@ -28,7 +28,7 @@ jobs: uses: trunk-io/trunk-action/upgrade@75699af9e26881e564e9d832ef7dc3af25ec031b # v1 cache_trunk: name: Cache Trunk - runs-on: ubuntu-latest + runs-on: ubuntu-slim if: github.event_name == 'push' permissions: actions: write diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index df6454c4..45564451 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -10,7 +10,7 @@ concurrency: jobs: pypi: name: Upload Python Package - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: contents: read id-token: write 
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 5df150e4..5605933f 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -12,7 +12,7 @@ permissions: read-all jobs: compatibility: name: Check Dependency Compatibility - runs-on: ubuntu-latest + runs-on: ubuntu-slim environment: name: code_quality permissions: diff --git a/.github/workflows/version.yaml b/.github/workflows/version.yaml index a0ee3a6a..23af2b59 100644 --- a/.github/workflows/version.yaml +++ b/.github/workflows/version.yaml @@ -13,7 +13,7 @@ permissions: read-all jobs: version: name: Versioning - runs-on: ubuntu-latest + runs-on: ubuntu-slim if: github.actor == 'renovate[bot]' permissions: contents: write From b99876b09329f3d26261627534a43adbedad5c9d Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 18:26:31 +0200 Subject: [PATCH 06/20] Remove unnecessary free disk space step. --- .github/workflows/.docker.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index f7e6ca7d..f59abb33 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -62,9 +62,6 @@ jobs: name: docker_image url: ${{inputs.registry}}/${{github.repository}} steps: - - name: Free Disk Space - if: github.event_name != 'pull_request' - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - name: Get Python version from pyproject.toml From 817b4defede52198074a01771cdd6a97d953b451 Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 18:47:47 +0200 Subject: [PATCH 07/20] Add Docker setup step to multiple jobs in workflow --- .github/workflows/.docker.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index f59abb33..ff316dbc 100644 
--- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -29,6 +29,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - name: Set up Docker + uses: docker/setup-docker-action@v4.5.0 - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: @@ -69,6 +71,8 @@ jobs: uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 with: cmd: yq -roy '.project.requires-python' pyproject.toml + - name: Set up Docker + uses: docker/setup-docker-action@v4.5.0 - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: @@ -134,6 +138,8 @@ jobs: - cves - recommendations steps: + - name: Set up Docker + uses: docker/setup-docker-action@v4.5.0 - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: From c4c31e35bdf1fbea58a4eb6824cde58283c51f1b Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 18:58:03 +0200 Subject: [PATCH 08/20] Refactor Docker setup steps to use QEMU and Buildx actions for improved compatibility --- .github/workflows/.docker.yaml | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index ff316dbc..ff852934 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml 
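Review bot: `docker/setup-docker-action@v4.5.0` is referenced by a mutable tag in all three hunks, while every other action visible in this workflow is pinned to a full commit SHA with the version in a trailing comment. A tag can be repointed by whoever controls the action repository, and in each job the very next step is the registry login. Pin it the same way as its neighbours, `uses: docker/setup-docker-action@<full-commit-sha> # v4.5.0`, taking the SHA from the action's release page. The step lists continue outside each hunk.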
@@ -29,8 +29,10 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - - name: Set up Docker - uses: docker/setup-docker-action@v4.5.0 + - name: Set up QEMU + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: @@ -71,18 +73,16 @@ jobs: uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 with: cmd: yq -roy '.project.requires-python' pyproject.toml - - name: Set up Docker - uses: docker/setup-docker-action@v4.5.0 + - name: Set up QEMU + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: registry: ${{ inputs.registry }} username: mh0386 password: ${{ inputs.registry == 'ghcr.io' && secrets.GH_TOKEN || inputs.registry == 'docker.io' && secrets.TOKEN_KEY_DOCKER }} - - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 - name: Docker meta id: meta uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5 
@@ -138,8 +138,10 @@ jobs: - cves - recommendations steps: - - name: Set up Docker - uses: docker/setup-docker-action@v4.5.0 + - name: Set up QEMU + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: From bdb9445048af22260b252ae49b232c9d3ac07c07 Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 19:08:28 +0200 Subject: [PATCH 09/20] Add Docker-in-Docker service configuration for jobs --- .github/workflows/.docker.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index ff316dbc..e38626bc 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -26,6 +26,12 @@ jobs: if: ${{ inputs.is_test }} environment: name: code_quality + services: + docker: + image: docker:dind + options: --privileged #--shm-size=2g + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 @@ -63,6 +69,12 @@ jobs: environment: name: docker_image url: ${{inputs.registry}}/${{github.repository}} + services: + docker: + image: docker:dind + options: --privileged #--shm-size=2g + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 @@ -137,6 +149,12 @@ jobs: - quickview - cves - recommendations + services: + docker: + image: docker:dind + options: --privileged #--shm-size=2g + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro steps: - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 From 41d7e13597f6419a7f4324fd43c5f5d74a88744e Mon Sep 17 00:00:00 2001 
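Review bot: Each of the three `services.docker` blocks added by patch 09/20 starts `docker:dind` with `--privileged` and also bind-mounts `/var/run/docker.sock`, which mixes two different approaches and keeps the risks of both. The `:ro` flag does not restrict the Docker API, because any process that can connect to the socket can still ask that daemon to create containers, and a privileged container is not meaningfully confined from its host. `docker:dind` is also a mutable image tag in jobs that go on to handle registry credentials. If a nested daemon is really needed, drop the socket mount and pin the image by digest, `image: docker:dind@sha256:<digest>`; otherwise remove the service, as patch 11/20 later does.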
From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 19:09:45 +0200 Subject: [PATCH 10/20] Add Docker daemon configuration for debugging and features --- .github/workflows/.docker.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index e38626bc..60be8442 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -37,6 +37,14 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 + with: + daemon-config: | + { + "debug": true, + "features": { + "containerd-snapshotter": true + } + } - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: @@ -85,6 +93,14 @@ jobs: cmd: yq -roy '.project.requires-python' pyproject.toml - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 + with: + daemon-config: | + { + "debug": true, + "features": { + "containerd-snapshotter": true + } + } - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: @@ -158,6 +174,14 @@ jobs: steps: - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 + with: + daemon-config: | + { + "debug": true, + "features": { + "containerd-snapshotter": true + } + } - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: From 214895323c3e9e337aa03f4ddad001f29e6e0022 Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 19:20:13 +0200 Subject: [PATCH 11/20] Remove Docker-in-Docker service configuration from jobs for cleaner setup --- .github/workflows/.docker.yaml | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index 60be8442..a24bda4e 100644 --- a/.github/workflows/.docker.yaml 
+++ b/.github/workflows/.docker.yaml @@ -26,12 +26,6 @@ jobs: if: ${{ inputs.is_test }} environment: name: code_quality - services: - docker: - image: docker:dind - options: --privileged #--shm-size=2g - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 @@ -77,12 +71,6 @@ jobs: environment: name: docker_image url: ${{inputs.registry}}/${{github.repository}} - services: - docker: - image: docker:dind - options: --privileged #--shm-size=2g - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 @@ -165,12 +153,6 @@ jobs: - quickview - cves - recommendations - services: - docker: - image: docker:dind - options: --privileged #--shm-size=2g - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro steps: - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 From a12dca2a5db3c3d10cf6b84ccb5e2a473c785d0b Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 19:29:54 +0200 Subject: [PATCH 12/20] Add iptables package package to Docker workflows --- .github/workflows/.docker.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index a24bda4e..153d6747 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -29,6 +29,9 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: awalsh128/cache-apt-pkgs-action@latest + with: + packages: iptables - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: 
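Review bot: `awalsh128/cache-apt-pkgs-action@latest` in this hunk, and again in the two following hunks of patch 12/20, follows a mutable ref of a third-party action, so whatever that ref points to at run time executes in jobs that then log in to the registry. Apart from setup-docker-action, the actions in this workflow are pinned to commit SHAs; do the same here with `uses: awalsh128/cache-apt-pkgs-action@<full-commit-sha> # <version>`. The step also has no `name:`, unlike its neighbours, so `- name: Install APT packages` would keep the run log readable. The steps list continues outside the hunk.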
@@ -79,6 +82,9 @@ jobs: uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 with: cmd: yq -roy '.project.requires-python' pyproject.toml + - uses: awalsh128/cache-apt-pkgs-action@latest + with: + packages: iptables - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: @@ -154,6 +160,9 @@ jobs: - cves - recommendations steps: + - uses: awalsh128/cache-apt-pkgs-action@latest + with: + packages: iptables - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: From 6dbc1f3b4a075c68c25ce4eff8393ea40402fecf Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 19:53:42 +0200 Subject: [PATCH 13/20] Fix formatting for iptables package in Docker workflows --- .github/workflows/.docker.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index 153d6747..604c4207 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -31,7 +31,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - uses: awalsh128/cache-apt-pkgs-action@latest with: - packages: iptables + packages: 'iptables' - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: @@ -84,7 +84,7 @@ jobs: cmd: yq -roy '.project.requires-python' pyproject.toml - uses: awalsh128/cache-apt-pkgs-action@latest with: - packages: iptables + packages: 'iptables' - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: @@ -162,7 +162,7 @@ jobs: steps: - uses: awalsh128/cache-apt-pkgs-action@latest with: - packages: iptables + packages: 'iptables' - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: From ef441ef00fdea6a50e61ef847ce63b21d889b9f4 Mon Sep 17 00:00:00 2001 
From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 19:54:59 +0200 Subject: [PATCH 14/20] Refactor APT package installation steps in Docker workflows for clarity --- .github/workflows/.docker.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index 604c4207..cf724331 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -29,7 +29,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - - uses: awalsh128/cache-apt-pkgs-action@latest + - name: Install APT packages + uses: awalsh128/cache-apt-pkgs-action@latest with: packages: 'iptables' - name: Set up Docker @@ -82,7 +83,8 @@ jobs: uses: mikefarah/yq@0ecdce24e83f0fa127940334be98c86b07b0c488 # v4.48.1 with: cmd: yq -roy '.project.requires-python' pyproject.toml - - uses: awalsh128/cache-apt-pkgs-action@latest + - name: Install APT packages + uses: awalsh128/cache-apt-pkgs-action@latest with: packages: 'iptables' - name: Set up Docker @@ -160,7 +162,8 @@ jobs: - cves - recommendations steps: - - uses: awalsh128/cache-apt-pkgs-action@latest + - name: Install APT packages + uses: awalsh128/cache-apt-pkgs-action@latest with: packages: 'iptables' - name: Set up Docker From 80d0366a51a197000ecc511dc86bb0402e806dc4 Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 19:58:00 +0200 Subject: [PATCH 15/20] Add version specification for iptables package in Docker workflows --- .github/workflows/.docker.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index cf724331..07842747 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -33,6 +33,7 @@ jobs: uses: awalsh128/cache-apt-pkgs-action@latest with: packages: 'iptables' + version: 1.0 - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: 
@@ -87,6 +88,7 @@ jobs: uses: awalsh128/cache-apt-pkgs-action@latest with: packages: 'iptables' + version: 1.0 - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: @@ -166,6 +168,7 @@ jobs: uses: awalsh128/cache-apt-pkgs-action@latest with: packages: 'iptables' + version: 1.0 - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: From 3cb06aa4fcd14631cdb854e5679f3fd83d390398 Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 20:04:15 +0200 Subject: [PATCH 16/20] Replace cache action with direct APT package installation for iptables in Docker workflows --- .github/workflows/.docker.yaml | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index 07842747..8ed252ca 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -30,10 +30,7 @@ jobs: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - name: Install APT packages - uses: awalsh128/cache-apt-pkgs-action@latest - with: - packages: 'iptables' - version: 1.0 + run: sudo apt-get update && sudo apt-get install -y iptables - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: @@ -85,10 +82,7 @@ jobs: with: cmd: yq -roy '.project.requires-python' pyproject.toml - name: Install APT packages - uses: awalsh128/cache-apt-pkgs-action@latest - with: - packages: 'iptables' - version: 1.0 + run: sudo apt-get update && sudo apt-get install -y iptables - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: @@ -165,10 +159,7 @@ jobs: - recommendations steps: - name: Install APT packages - uses: awalsh128/cache-apt-pkgs-action@latest - with: - packages: 'iptables' - version: 1.0 + run: sudo apt-get update && sudo apt-get install -y iptables - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: From 8f7fe8e4b465bfea8b87e11184a4a88db8e07399 Mon Sep 17 00:00:00 2001 
From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 20:12:11 +0200 Subject: [PATCH 17/20] Replace iptables installation with docker.io --- .github/workflows/.docker.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index 8ed252ca..56c5bcb9 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -30,7 +30,7 @@ jobs: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - name: Install APT packages - run: sudo apt-get update && sudo apt-get install -y iptables + run: sudo apt-get update && sudo apt-get install -y docker.io - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: @@ -82,7 +82,7 @@ jobs: with: cmd: yq -roy '.project.requires-python' pyproject.toml - name: Install APT packages - run: sudo apt-get update && sudo apt-get install -y iptables + run: sudo apt-get update && sudo apt-get install -y docker.io - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: @@ -159,7 +159,7 @@ jobs: - recommendations steps: - name: Install APT packages - run: sudo apt-get update && sudo apt-get install -y iptables + run: sudo apt-get update && sudo apt-get install -y docker.io - name: Set up Docker uses: docker/setup-docker-action@v4.5.0 with: From 79927101b2422705f0949f3d689cef13ef48928a Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 20:21:53 +0200 Subject: [PATCH 18/20] Update .docker.yaml --- .github/workflows/.docker.yaml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index 56c5bcb9..1ee88050 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml 
@@ -31,16 +31,6 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - name: Install APT packages run: sudo apt-get update && sudo apt-get install -y docker.io - - name: Set up Docker - uses: docker/setup-docker-action@v4.5.0 - with: - daemon-config: | - { - "debug": true, - "features": { - "containerd-snapshotter": true - } - } - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with: From 85efc138f4e732e8cd4b85dabaa24e75ed1a2cb9 Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 20:48:39 +0200 Subject: [PATCH 19/20] Add QEMU and Docker Buildx setup steps --- .github/workflows/.docker.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index 1ee88050..c8384cb1 100644 --- a/.github/workflows/.docker.yaml +++ b/.github/workflows/.docker.yaml @@ -37,6 +37,10 @@ jobs: registry: ${{ inputs.registry }} username: mh0386 password: ${{ inputs.registry == 'ghcr.io' && secrets.GH_TOKEN || inputs.registry == 'docker.io' && secrets.TOKEN_KEY_DOCKER }} + - name: Set up QEMU + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 - name: Validate build configuration uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: From 2db62f2d577499db9e70f72146d5dc13d8196ea2 Mon Sep 17 00:00:00 2001 From: Mohamed Hisham Abdelzaher Date: Tue, 4 Nov 2025 20:52:36 +0200 Subject: [PATCH 20/20] Update Docker installation steps in workflow Added command to start Docker service after installation. --- .github/workflows/.docker.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/.docker.yaml b/.github/workflows/.docker.yaml index c8384cb1..43319d54 100644 --- a/.github/workflows/.docker.yaml 
+++ b/.github/workflows/.docker.yaml @@ -30,7 +30,10 @@ jobs: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - name: Install APT packages - run: sudo apt-get update && sudo apt-get install -y docker.io + run: | + sudo apt-get update + sudo apt-get install -y docker.io + sudo systemctl start docker - name: Log in to ${{ inputs.registry }} Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 with:
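Review bot: `sudo systemctl start docker` is added only to the first job's install step (apparently check_dockerfile) and its result is never verified, so a daemon that fails to come up will surface later as a confusing login or build error. Judging by patches 17 and 18 in this series, the other two jobs still install `docker.io` on a single line and then run the tag-pinned `docker/setup-docker-action@v4.5.0`, so the three jobs now provision Docker in different ways. I would end the script with a readiness check such as `sudo docker info` and apply the same step to all three jobs; whether systemd is usable at all on the `ubuntu-slim` runner needs confirming. `docker.io` is also installed unpinned from the distribution index, so the engine version will vary with the runner image.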