This repository has been archived by the owner on Feb 23, 2024. It is now read-only.
Fix Dockerfile #206
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| # Publish semver tags as releases. | |
| tags: [ 'v*.*.*' ] | |
| pull_request: | |
| branches: [ "main" ] | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| SHA: ${{ github.event.pull_request.head.sha || github.event.after }} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| # needed to be able to set audience in ID token | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ env.SHA }} | |
| - name: Setup Docker buildx | |
| uses: cdupuis/setup-buildx-action@76b9eacc5fe8dced8146d8537f9e60f7b14fa8de | |
| - name: Log into registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 | |
| with: | |
| tags: | | |
| type=edge,branch=main | |
| type=sha | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Build and push Docker image | |
| id: build-and-push | |
| uses: docker/[email protected] | |
| with: | |
| context: . | |
| push: ${{ github.event_name != 'pull_request' }} | |
| load: ${{ github.event_name == 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| #platforms: linux/amd64,linux/arm64 | |
| sbom: false | |
| provenance: false | |
| #- name: Create CVE report | |
| # uses: docker/scout-action@ca09af31fdb99995a36608d63aba7b5e4f66709a | |
| # with: | |
| # command: cves | |
| # image: ${{ steps.meta.outputs.tags }} | |
| # args: '--output image.sarif.json --format sarif' | |
| # user: ${{ secrets.DOCKER_HUB_USER }} | |
| # password: ${{ secrets.DOCKER_HUB_TOKEN }} | |
| # registry_user: ${{ github.actor }} | |
| # registry_password: ${{ secrets.GITHUB_TOKEN }} | |
| #- name: Upload SARIF file | |
| # uses: github/codeql-action/upload-sarif@v2 | |
| # with: | |
| # # Path to SARIF file relative to the root of the repository | |
| # sarif_file: image.sarif.json | |