Skip to content
CI Pipeline Build, package, and Trivy scanner

Bump streamlit from 1.30.0 to 1.37.0 #30

Sign in to view logs

Bump streamlit from 1.30.0 to 1.37.0

Bump streamlit from 1.30.0 to 1.37.0 #30

Workflow file for this run

.github/workflows/main.yaml at 15cace1
name: CI Pipeline Build, package, and Trivy scanner
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
steps:
# Step 1: Checkout the code
- name: Checkout repository
uses: actions/checkout@v3
# Step 2: Set up Python
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.8'
# Step 3: Install dependencies
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
# Step 4: Run Tests
- name: Run tests
run: |
pytest
# Step 5: Set up Docker Buildx (for cross-platform builds)
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
# Step 6: Build Docker image
- name: Build Docker image
run: |
docker build -t ezio_rag_app .
# Step 7: Install Trivy
- name: Install Trivy
env:
GOPATH: ${{ runner.temp }}/go
run: |
sudo apt-get update
sudo apt-get install -y wget
go install github.com/aquasecurity/trivy/cmd/trivy@latest
echo "PATH=$PATH:${GOPATH}/bin" >> $GITHUB_ENV
# Step 8: Verify Trivy Installation
- name: Verify Trivy Installation
run: trivy --version
# Step 9: Initialize Trivy DB by scanning a placeholder image (to download the DB)
- name: Initialize Trivy DB
env:
TRIVY_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
trivy image --download-db-only --quiet
- name: Run Trivy scan on Docker image
env:
TRIVY_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
trivy image --severity HIGH,CRITICAL --format table ezio_rag_app