Skip to content

test trivy-vulnerability-scanner (#699) #186

test trivy-vulnerability-scanner (#699)

test trivy-vulnerability-scanner (#699) #186

Workflow file for this run

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: publish images
on:
push:
branches:
- main
release:
types: [published]
env:
DOCKER_ORG: wmoim
jobs:
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
strategy:
matrix:
image:
# - wis2box-api
- wis2box-broker
- wis2box-management
- wis2box-mqtt-metrics-collector
# - wis2box-ui
steps:
- name: Checkout branch
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log in to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: |
${{ env.DOCKER_ORG }}/${{ matrix.image }}
ghcr.io/${{ github.repository_owner }}/${{ matrix.image }}
tags: |
type=raw,value=latest,enable={{is_default_branch}}
type=pep440,pattern={{version}}
- name: Build and push
uses: docker/build-push-action@v2.7.0
with:
context: ./${{ matrix.image }}
file: ./${{ matrix.image }}/Dockerfile
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: linux/arm64, linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}