Skip to content

Commit

Permalink
changed: version and latest tags - no more main tag
Browse files Browse the repository at this point in the history
  • Loading branch information
ammnt committed Oct 7, 2024
1 parent 96036a0 commit 1332058
Showing 1 changed file with 17 additions and 17 deletions.
34 changes: 17 additions & 17 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ on:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
APP_VERSION: 1.27.4
APP_VERSION: 1.7.0

jobs:
build:
Expand Down Expand Up @@ -60,7 +60,7 @@ jobs:
context: .
platforms: linux/amd64
load: ${{ github.event_name != 'pull_request' }}
tags: ${{ github.repository }}:${{ env.APP_VERSION }}
tags: ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
Expand All @@ -69,7 +69,7 @@ jobs:
uses: docker/scout-action@v1.14.0
with:
command: cves,sbom
image: ${{ github.repository }}:${{ env.APP_VERSION }}
image: ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
sarif-file: sarif.output.json
summary: false

Expand All @@ -81,7 +81,7 @@ jobs:
- name: Analyze image with Trivy💊
uses: aquasecurity/trivy-action@0.24.0
with:
image-ref: ${{ github.repository }}:${{ env.APP_VERSION }}
image-ref: ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
scan-type: image
format: "github"
output: "dependency-results.sbom.json"
Expand All @@ -100,7 +100,7 @@ jobs:
id: anchore
uses: anchore/scan-action@v4.1.2
with:
image: ${{ github.repository }}:${{ env.APP_VERSION }}
image: ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
fail-build: false
severity-cutoff: critical

Expand All @@ -113,7 +113,7 @@ jobs:
uses: anchore/sbom-action@v0.17.2
with:
syft-version: v1.13.0
image: ${{ github.repository }}:${{ env.APP_VERSION }}
image: ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
artifact-name: image.spdx.json
dependency-snapshot: false

Expand All @@ -123,7 +123,7 @@ jobs:
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: ${{ github.repository }}:${{ env.APP_VERSION }}
image: ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
args: --file=Dockerfile

- name: Upload Snyk report📊
Expand All @@ -139,15 +139,15 @@ jobs:
sleep 1
DOCKER_GATEWAY=$(docker network inspect bridge --format "{{range .IPAM.Config}}{{.Gateway}}{{end}}")
wget -qO clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 && chmod +x clair-scanner
./clair-scanner --ip="$DOCKER_GATEWAY" ${{ github.repository }}:${{ env.APP_VERSION }} || exit 0
./clair-scanner --ip="$DOCKER_GATEWAY" ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }} || exit 0
- name: Slim the Docker image🚀
uses: kitabisa/docker-slim-action@v1.1.2
env:
DSLIM_HTTP_PROBE: false
with:
target: ${{ github.repository }}:${{ env.APP_VERSION }}
tag: ${{ github.repository }}:${{ env.APP_VERSION }}
target: ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
tag: ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
overwrite: true

- name: Explore the Docker image with Dive🔍
Expand All @@ -157,21 +157,21 @@ jobs:
run: |
wget -q https://github.com/wagoodman/dive/releases/download/v0.12.0/dive_0.12.0_linux_amd64.tar.gz
tar xvzf dive_0.12.0_linux_amd64.tar.gz -C /usr/local/bin
dive --ci-config "${{ github.workspace }}/.dive-ci/" ${{ github.repository }}:${{ env.APP_VERSION }}
dive --ci-config "${{ github.workspace }}/.dive-ci/" ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
- name: Test the Docker image🧪
run: |
docker run -d --rm -p 127.0.0.1:8080:8080/tcp ${{ github.repository }}:${{ env.APP_VERSION }}
docker run -d --rm -p 127.0.0.1:8080:8080/tcp ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }}
curl -v http://127.0.0.1:8080 || exit 1
- name: Push the Docker images to registries💾
run: |
docker tag ${{ github.repository }}:${{ env.APP_VERSION }} ${{ github.repository }}:latest
docker tag ${{ github.repository }}:${{ env.APP_VERSION }} ammnt/freenginx:${{ env.APP_VERSION }}
docker tag ${{ github.repository }}:${{ env.APP_VERSION }} ammnt/freenginx:latest
docker push ${{ github.repository }} --all-tags
docker tag ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }} ghcr.io/ammnt/freenginx:latest
docker tag ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }} ammnt/freenginx:${{ env.APP_VERSION }}
docker tag ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }} ammnt/freenginx:latest
docker push ghcr.io/ammnt/freenginx --all-tags
docker push ammnt/freenginx --all-tags
DIGEST=$(docker images --no-trunc --quiet ${{ github.repository }}:${{ env.APP_VERSION }})
DIGEST=$(docker images --no-trunc --quiet ghcr.io/ammnt/freenginx:${{ env.APP_VERSION }})
echo "DIGEST=$DIGEST" >> $GITHUB_ENV
- name: Attestation the Docker image📍
Expand Down

0 comments on commit 1332058

Please sign in to comment.