fix: package.json & yarn.lock to reduce vulnerabilities #287
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker publish | |
| on: push | |
| permissions: | |
| contents: read | |
| jobs: | |
| publish: | |
| # Only run it when the push is to the fleetdm/fleet repo. Otherwise the secrets for pushing to | |
| # Docker will not be available. | |
| if: github.repository_owner == 'fleetdm' | |
| runs-on: ubuntu-latest | |
| environment: Docker Hub | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 # v2 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 # v1.10.0 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }} | |
| - name: Set up Go | |
| uses: actions/setup-go@b22fbbc2921299758641fab08929b4ac52b32923 # v2 | |
| with: | |
| go-version: 1.17.8 | |
| - name: Install Dependencies | |
| run: make deps | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@68acf3b1adf004ac9c2f0a4259e85c5f66e99bef | |
| with: | |
| distribution: goreleaser-pro | |
| version: latest | |
| args: release --snapshot --rm-dist -f .goreleaser-snapshot.yml | |
| env: | |
| GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} | |
| - name: Tag image with branch name | |
| run: docker tag fleetdm/fleet:$(git rev-parse --short HEAD) fleetdm/fleet:$(git rev-parse --abbrev-ref HEAD) | |
| # Explicitly push the docker images as GoReleaser will not do so in snapshot mode | |
| - name: Publish Docker images | |
| run: docker push fleetdm/fleet --all-tags |