Skip running trivy (#216) #134
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, scan and push minimal development environment container | |
| env: | |
| REGISTRY: ghcr.io | |
| GITHUB_REPOSITORY: airtai/nbdev-mkdocs | |
| IMAGE: ghcr.io/airtai/nbdev-mkdocs | |
| IMAGE_TF: ghcr.io/airtai/nbdev-mkdocs-tensorflow-2.12.0 | |
| on: | |
| push: | |
| branches: ["main", "dev", "build-tensorflow-image"] | |
| jobs: | |
| docker_build_deploy: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| defaults: | |
| run: | |
| working-directory: docker | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Setup trivy | |
| run: | | |
| sudo apt-get install wget apt-transport-https gnupg lsb-release | |
| wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - | |
| echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list | |
| sudo apt-get update | |
| sudo apt-get install trivy | |
| - name: Run build script | |
| run: ./build_docker.sh | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push only if branch name is main or dev | |
| if: github.ref_name == 'main' || github.ref_name == 'dev' | |
| run: | | |
| docker images | |
| echo docker push $IMAGE --all-tags | |
| docker push $IMAGE --all-tags | |
| docker_build_deploy_tensorflow: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| defaults: | |
| run: | |
| working-directory: docker | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Setup trivy | |
| run: | | |
| sudo apt-get install wget apt-transport-https gnupg lsb-release | |
| wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - | |
| echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list | |
| sudo apt-get update | |
| sudo apt-get install trivy | |
| - name: Run build script | |
| run: ./build_docker_tensorflow.sh | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push only if branch name is main or dev | |
| if: github.ref_name == 'main' || github.ref_name == 'dev' | |
| run: | | |
| docker images | |
| echo docker push --all-tags $IMAGE_TF | |
| docker push --all-tags $IMAGE_TF | |