Skip to content

Merge pull request #12 from acend/renovate/golang-1.x #19

Merge pull request #12 from acend/renovate/golang-1.x

Merge pull request #12 from acend/renovate/golang-1.x #19

Workflow file for this run

# changeme
# Change the following parts to your current installation
# - entire Docker Build steps accordingly to the amount of different versions or tags your building TRAINING_HUGO_ENV
# - Tags
# - Helm Target Namespace
# - Name of K8S Deployment to trigger and namespace
# - Secrets
# - QUAYIO_USERNAME and QUAYIO_TOKEN must be set accordingly to your registry, existing users must have access to the repos
# - KUBECONFIG content of the Kubeconfig File, Account must have access to the k8s namespace. It's used in the helm steps
name: Publish Main Version
on:
push:
branches:
- main
- master
jobs:
build:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
with:
submodules: recursive
-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Log in to the ghcr.io Container registry
uses: docker/#-action@7137ecbd587e9331e068c80ad54b57e873403052
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Build Latest Version
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
push: true
tags: |
ghcr.io/acend/slack-notify:latest
-
name: Run vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'ghcr.io/acend/slack-notify:latest'
format: 'table'
output: 'trivy-results.txt'
exit-code: '0'
ignore-unfixed: true
vuln-type: 'os'
severity: 'CRITICAL,HIGH'
-
name: Archive vulnerability scan results
uses: actions/upload-artifact@v3
with:
name: trivy-results-main
path: trivy-results.txt