Compare commits
13 Commits
ec92f709d4
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| 4688d023a0 | |||
| be0bf9d194 | |||
| 8708923cc4 | |||
| 9243375da4 | |||
| 078f0abdfe | |||
| f969a1efea | |||
| 3a189363db | |||
| 329e6df7cc | |||
| 6def3e64b4 | |||
| 00c21e8d53 | |||
| 4069038fec | |||
| b39f0d47fc | |||
| 70fabf3fda |
@@ -1,39 +1,82 @@
|
||||
name: Build container image
|
||||
name: Build ASU website image
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ master ]
|
||||
schedule:
|
||||
# Run every Sunday at midnight
|
||||
- cron: '1 0 * * 0'
|
||||
|
||||
env:
|
||||
USER: chris
|
||||
PASS: q',\H(Od:G3).Xv<#!5P
|
||||
IMAGE: /arbeitsschutz-ulm/website
|
||||
|
||||
jobs:
|
||||
Build-and-release-image:
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
container:
|
||||
image: catthehacker/ubuntu:act-latest
|
||||
|
||||
steps:
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
with:
|
||||
buildkitd-flags: '--allow-insecure-entitlement network.host'
|
||||
driver-opts: network=host
|
||||
|
||||
- name: Log into registry
|
||||
- name: Login to Docker Hub
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: https://cs-git.ddnss.de
|
||||
username: ${{ env.USER }}
|
||||
password: ${{ env.PASS }}
|
||||
username: ${{ vars.DOCKERHUB_USER }}
|
||||
password: ${{ vars.DOCKERHUB_TOKEN }}
|
||||
|
||||
- name: Log into CS registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ vars.CS_REGISTRY_URL }}
|
||||
username: ${{ vars.CS_REGISTRY_USER }}
|
||||
password: ${{ vars.CS_REGISTRY_PASS }}
|
||||
|
||||
- name: Log into local registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ vars.LOCAL_REGISTRY_URL }}
|
||||
username: ${{ vars.LOCAL_REGISTRY_USER }}
|
||||
password: ${{ vars.LOCAL_REGISTRY_PASS }}
|
||||
|
||||
- name: Extract Docker metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
with:
|
||||
images: cs-git.ddnss.de/arbeitsschutz-ulm/website
|
||||
images: ${{ secrets.REGISTRY_URL }}${{ env.IMAGE }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v4
|
||||
uses: docker/build-push-action@v6
|
||||
env:
|
||||
ACTIONS_RUNTIME_TOKEN: ''
|
||||
with:
|
||||
tags: cs-git.ddnss.de/arbeitsschutz-ulm/website:master
|
||||
push: true
|
||||
allow: network.host
|
||||
network: host
|
||||
tags: ${{ vars.LOCAL_REGISTRY_URL }}${{ env.IMAGE }}:latest
|
||||
push: true
|
||||
|
||||
- name: Scan image
|
||||
uses: anchore/scan-action@v6
|
||||
id: scan
|
||||
with:
|
||||
image: ${{ vars.LOCAL_REGISTRY_URL }}${{ env.IMAGE }}:latest
|
||||
fail-build: false
|
||||
output-format: table
|
||||
severity-cutoff: critical
|
||||
registry-username: ${{ vars.LOCAL_REGISTRY_USER }}
|
||||
registry-password: ${{ vars.LOCAL_REGISTRY_PASS }}
|
||||
|
||||
- name: Inspect file
|
||||
run: cat ${{ steps.scan.outputs.table }}
|
||||
|
||||
- name: Upload Artifact
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: scan-result
|
||||
path: ${{ steps.scan.outputs.table }}
|
||||
|
||||
Reference in New Issue
Block a user