53 lines
1.4 KiB
YAML
53 lines
1.4 KiB
YAML
name: image-ci
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- 'github-action'
|
|
tags:
|
|
- 'v*'
|
|
|
|
jobs:
|
|
build-tag-push:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Docker meta
|
|
id: meta
|
|
uses: docker/metadata-action@v4
|
|
with:
|
|
images: |
|
|
sidpalas/devops-directive-docker-course-api-node
|
|
tags: |
|
|
type=raw,value=latest
|
|
type=ref,event=branch
|
|
type=ref,event=pr
|
|
type=semver,pattern={{version}}
|
|
type=semver,pattern={{major}}.{{minor}}
|
|
type=raw,value={{date 'YYYYMMDD'}}-{{sha}}
|
|
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v2
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
- name: Build and push
|
|
uses: docker/build-push-action@v4
|
|
with:
|
|
file: ./06-building-container-images/api-node/Dockerfile.8
|
|
context: ./05-example-web-application/api-node/
|
|
push: true
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
|
|
- name: Run Trivy vulnerability scanner
|
|
uses: aquasecurity/trivy-action@master
|
|
with:
|
|
image-ref: 'sidpalas/devops-directive-docker-course-api-node:latest'
|
|
format: 'table'
|
|
exit-code: '1'
|
|
ignore-unfixed: true
|
|
vuln-type: 'os,library'
|
|
severity: 'CRITICAL' |