From 0eebe6d68d8431f42c1beee14e12d52afb331077 Mon Sep 17 00:00:00 2001 From: Eloise Faure Date: Fri, 27 Feb 2026 15:51:02 +0100 Subject: [PATCH 1/2] Do not push latest tag if the release is not the last one --- .circleci/config.yml | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 247df4239eec..a66b1e3bd238 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -547,8 +547,13 @@ jobs: working_directory: ~/opencti_docker/opencti-platform name: Build Docker image opencti/platform command: | - docker buildx build --progress=plain --build-arg TAG_VERSION=${CIRCLE_TAG} --platform $BUILDX_PLATFORMS --cache-to=type=local,dest=.cache -f Dockerfile_circleci_fips -t opencti/platform:latest-fips -t opencti/platform:${CIRCLE_TAG}-fips --push . - docker buildx build --progress=plain --build-arg TAG_VERSION=${CIRCLE_TAG} --platform $BUILDX_PLATFORMS --cache-from=type=local,src=.cache -f Dockerfile_circleci_fips -t ghcr.io/opencti-platform/opencti/platform:latest-fips -t ghcr.io/opencti-platform/opencti/platform:${CIRCLE_TAG}-fips --push . + LATEST_SEMANTIC_VERSION=$(git tag --sort=-v:refname | grep -E '^v?[0-9]+\.[0-9]+\.[0-9]+$' | head -n 1) + DOCKER_TAGS="-t opencti/platform:${CIRCLE_TAG}-fips" + [ "$CIRCLE_TAG" = "$LATEST_SEMANTIC_VERSION" ] && DOCKER_TAGS="$DOCKER_TAGS -t opencti/platform:latest-fips" + docker buildx build --progress=plain --build-arg TAG_VERSION=${CIRCLE_TAG} --platform $BUILDX_PLATFORMS --cache-to=type=local,dest=.cache -f Dockerfile_circleci_fips $DOCKER_TAGS --push . + GHCR_TAGS="-t ghcr.io/opencti-platform/opencti/platform:${CIRCLE_TAG}-fips" + [ "$CIRCLE_TAG" = "$LATEST_SEMANTIC_VERSION" ] && GHCR_TAGS="$GHCR_TAGS -t ghcr.io/opencti-platform/opencti/platform:latest-fips" + docker buildx build --progress=plain --build-arg TAG_VERSION=${CIRCLE_TAG} --platform $BUILDX_PLATFORMS --cache-from=type=local,src=.cache -f Dockerfile_circleci_fips $GHCR_TAGS --push . no_output_timeout: 30m - slack/notify: event: fail @@ -589,8 +594,13 @@ jobs: working_directory: ~/opencti_docker/opencti-worker name: Build Docker image opencti/worker command: | - docker buildx build --progress=plain --platform $BUILDX_PLATFORMS --cache-to=type=local,dest=.cache -f Dockerfile_fips -t opencti/worker:latest-fips -t opencti/worker:${CIRCLE_TAG}-fips --push . - docker buildx build --progress=plain --platform $BUILDX_PLATFORMS --cache-from=type=local,src=.cache -f Dockerfile_fips -t ghcr.io/opencti-platform/opencti/worker:latest-fips -t ghcr.io/opencti-platform/opencti/worker:${CIRCLE_TAG}-fips --push . + LATEST_SEMANTIC_VERSION=$(git tag --sort=-v:refname | grep -E '^v?[0-9]+\.[0-9]+\.[0-9]+$' | head -n 1) + DOCKER_TAGS="-t opencti/worker:${CIRCLE_TAG}-fips" + [ "$CIRCLE_TAG" = "$LATEST_SEMANTIC_VERSION" ] && DOCKER_TAGS="$DOCKER_TAGS -t opencti/worker:latest-fips" + docker buildx build --progress=plain --build-arg TAG_VERSION=${CIRCLE_TAG} --platform $BUILDX_PLATFORMS --cache-to=type=local,dest=.cache -f Dockerfile_circleci_fips $DOCKER_TAGS --push . + GHCR_TAGS="-t ghcr.io/opencti-platform/opencti/worker:${CIRCLE_TAG}-fips" + [ "$CIRCLE_TAG" = "$LATEST_SEMANTIC_VERSION" ] && GHCR_TAGS="$GHCR_TAGS -t ghcr.io/opencti-platform/opencti/worker:latest-fips" + docker buildx build --progress=plain --build-arg TAG_VERSION=${CIRCLE_TAG} --platform $BUILDX_PLATFORMS --cache-from=type=local,src=.cache -f Dockerfile_circleci_fips $GHCR_TAGS --push . - slack/notify: event: fail template: basic_fail_1 From 00e2d38b0387eb16038238013ccb9f5cc1e61f8a Mon Sep 17 00:00:00 2001 From: Eloise Faure Date: Fri, 27 Feb 2026 17:16:40 +0100 Subject: [PATCH 2/2] Fix docker worker build --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index a66b1e3bd238..f00af89b71bf 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -597,10 +597,10 @@ jobs: LATEST_SEMANTIC_VERSION=$(git tag --sort=-v:refname | grep -E '^v?[0-9]+\.[0-9]+\.[0-9]+$' | head -n 1) DOCKER_TAGS="-t opencti/worker:${CIRCLE_TAG}-fips" [ "$CIRCLE_TAG" = "$LATEST_SEMANTIC_VERSION" ] && DOCKER_TAGS="$DOCKER_TAGS -t opencti/worker:latest-fips" - docker buildx build --progress=plain --build-arg TAG_VERSION=${CIRCLE_TAG} --platform $BUILDX_PLATFORMS --cache-to=type=local,dest=.cache -f Dockerfile_circleci_fips $DOCKER_TAGS --push . + docker buildx build --progress=plain --platform $BUILDX_PLATFORMS --cache-to=type=local,dest=.cache -f Dockerfile_fips $DOCKER_TAGS --push . GHCR_TAGS="-t ghcr.io/opencti-platform/opencti/worker:${CIRCLE_TAG}-fips" [ "$CIRCLE_TAG" = "$LATEST_SEMANTIC_VERSION" ] && GHCR_TAGS="$GHCR_TAGS -t ghcr.io/opencti-platform/opencti/worker:latest-fips" - docker buildx build --progress=plain --build-arg TAG_VERSION=${CIRCLE_TAG} --platform $BUILDX_PLATFORMS --cache-from=type=local,src=.cache -f Dockerfile_circleci_fips $GHCR_TAGS --push . + docker buildx build --progress=plain --platform $BUILDX_PLATFORMS --cache-from=type=local,src=.cache -f Dockerfile_fips $GHCR_TAGS --push . - slack/notify: event: fail template: basic_fail_1