Update github/codeql-action action to v2.22.9 #474
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build/Push Image and Release Charts | |
"on": | |
pull_request: | |
paths-ignore: | |
- chart/**/Chart.yaml | |
- chart/**/values.yaml | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- chart/**/Chart.yaml | |
- chart/**/values.yaml | |
permissions: read-all | |
jobs: | |
setenv: | |
uses: ortelius/workflow-toolkit/.github/workflows/env-config-workflow.yml@fae1fbc2332578c7177c218279e6f2ab082bb3f8 | |
with: | |
gh_head_ref: ${{ github.head_ref }} | |
gh_ref_name: ${{ github.ref_name }} | |
gh_event_repo_name: ${{ github.event.repository.name }} | |
gh_sha: ${{ github.sha }} | |
gh_repo: ${{ github.repository }} | |
gh_run_number: ${{ github.run_number }} | |
release: | |
uses: ortelius/workflow-toolkit/.github/workflows/container-release-workflow.yml@fae1fbc2332578c7177c218279e6f2ab082bb3f8 | |
needs: setenv | |
with: | |
gh_repository_owner: ${{ github.repository_owner }} | |
gh_event_name: ${{ github.event_name }} | |
gh_ref: ${{ github.ref }} | |
registry: ${{ needs.setenv.outputs.registry }} | |
image_repo_tag: ${{ needs.setenv.outputs.image_repo_tag }} | |
secrets: | |
QUAY_USERID: ${{ secrets.QUAY_USERID }} | |
QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }} | |
permissions: | |
id-token: write | |
trivy: | |
permissions: | |
security-events: write | |
statuses: write | |
uses: ortelius/workflow-toolkit/.github/workflows/trivy-scan-workflow.yml@fae1fbc2332578c7177c218279e6f2ab082bb3f8 | |
needs: | |
- setenv | |
- release | |
with: | |
gh_repository_owner: ${{ github.repository_owner }} | |
gh_event_name: ${{ github.event_name }} | |
gh_ref: ${{ github.ref }} | |
image_repo_tag: ${{ needs.setenv.outputs.image_repo_tag }} | |
helm: | |
permissions: | |
contents: write | |
uses: ortelius/workflow-toolkit/.github/workflows/helm-release-workflow.yml@fae1fbc2332578c7177c218279e6f2ab082bb3f8 | |
needs: | |
- setenv | |
- release | |
with: | |
gh_repository_owner: ${{ github.repository_owner }} | |
gh_event_name: ${{ github.event_name }} | |
gh_ref: ${{ github.ref }} | |
gh_handle: ${{ needs.setenv.outputs.gh_handle }} | |
chart: chart/${{ needs.setenv.outputs.compname }} | |
chart_version: ${{ needs.setenv.outputs.chart_version }} | |
image_repository: ${{ needs.setenv.outputs.image_repository }} | |
image_tag: ${{ needs.setenv.outputs.image_tag }} | |
image_digest: ${{ needs.release.outputs.digest }} | |
secrets: | |
GPG_KEYRING_BASE64: ${{ secrets.GPG_KEYRING_BASE64 }} | |
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
GPG_KEY: ${{ secrets.GPG_KEY }} | |
gh_token: ${{ secrets.HELM_INDEXER_TOKEN }} | |
sbom: | |
uses: ortelius/workflow-toolkit/.github/workflows/sbom-generation-workflow.yml@fae1fbc2332578c7177c218279e6f2ab082bb3f8 | |
needs: | |
- setenv | |
- release | |
with: | |
gh_repository_owner: ${{ github.repository_owner }} | |
gh_event_name: ${{ github.event_name }} | |
gh_ref: ${{ github.ref }} | |
dhurl: ${{ needs.setenv.outputs.dhurl }} | |
compname: ${{ needs.setenv.outputs.compname }} | |
chart_version: ${{ needs.setenv.outputs.chart_version }} | |
branch: ${{ needs.setenv.outputs.branch }} | |
digest: ${{ needs.release.outputs.digest }} | |
image_repo_tag: ${{ needs.setenv.outputs.image_repo_tag }} | |
image_repository: ${{ needs.setenv.outputs.image_repository }} | |
image_tag: ${{ needs.setenv.outputs.image_tag }} | |
image_version: ${{ needs.setenv.outputs.image_version }} | |
secrets: | |
DHPASS: ${{ secrets.DHPASS }} | |
DHUSER: ${{ secrets.DHUSER }} |