Remove old grype version within image scan.

Reviewed-on: https://cs-git.ddnss.de/home/apc-container/pulls/1

.drone.yml

@@ -1,20 +0,0 @@
-kind: pipeline
-name: default
-
-steps:
-- name: build container
-  image: plugins/docker
-  settings:
-    dockerfile: Dockerfile
-    username:
-      from_secret: registry-username
-    password:
-      from_secret: registry-password
-    registry: https://cs-registry.ddnss.de
-    repo: cs-registry.ddnss.de/${DRONE_REPO_OWNER}/apc
-    cache_from: cs-registry.ddnss.de/${DRONE_REPO_OWNER}/apc:latest
-    dry_run: false
-    purge: false
-    insecure: false
-    tags:
-    - ${DRONE_TAG}

.gitea/workflows/release.yml

@@ -0,0 +1,82 @@
+name: Build apc image
+
+on:
+  push:
+    branches: [ master ]
+  schedule:
+    # Run every Sunday at midnight
+    - cron: '1 0 * * 0'
+
+env:
+  IMAGE: /home/apc
+
+jobs:
+  Build-and-release-image:
+
+    runs-on: ubuntu-latest
+
+    container:
+      image: catthehacker/ubuntu:act-latest
+
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          buildkitd-flags: '--allow-insecure-entitlement network.host'
+          driver-opts: network=host
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USER }}
+          password: ${{ vars.DOCKERHUB_TOKEN }}
+
+      - name: Log into CS registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ vars.CS_REGISTRY_URL }}
+          username: ${{ vars.CS_REGISTRY_USER }}
+          password: ${{ vars.CS_REGISTRY_PASS }}
+
+      - name: Log into local registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ vars.LOCAL_REGISTRY_URL }}
+          username: ${{ vars.LOCAL_REGISTRY_USER }}
+          password: ${{ vars.LOCAL_REGISTRY_PASS }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ secrets.REGISTRY_URL }}${{ env.IMAGE }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        env:
+          ACTIONS_RUNTIME_TOKEN: ''
+        with:
+          allow: network.host
+          network: host
+          tags: ${{ vars.LOCAL_REGISTRY_URL }}${{ env.IMAGE }}:latest
+          push: true
+          
+      - name: Scan image
+        uses: anchore/scan-action@v6
+        id: scan
+        with:
+          image: ${{ vars.LOCAL_REGISTRY_URL }}${{ env.IMAGE }}:latest
+          fail-build: false
+          output-format: table
+          severity-cutoff: critical
+          registry-username: ${{ vars.LOCAL_REGISTRY_USER }}
+          registry-password: ${{ vars.LOCAL_REGISTRY_PASS }}
+      
+      - name: Inspect file
+        run: cat ${{ steps.scan.outputs.table }}
+
+      - name: Upload Artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: scan-result
+          path: ${{ steps.scan.outputs.table }}

Dockerfile

@@ -1,4 +1,5 @@
 FROM golang:alpine AS build
+
 MAINTAINER chris
 RUN apk add git --no-cache && \
     git clone https://github.com/mdlayher/apcupsd_exporter /tmp/build && \
@@ -6,9 +7,13 @@ RUN apk add git --no-cache && \
     go build -o /go/bin/apcupsd_exporter /tmp/build/cmd/apcupsd_exporter/main.go
 
 FROM alpine:latest
+
 RUN apk update && apk upgrade && apk add --no-cache libusb apcupsd
+
 COPY apc-deamon.conf /etc/apcupsd/apcupsd.conf
+COPY entrypoint.sh /sbin/entrypoint.sh 
 COPY --from=build /go/bin/apcupsd_exporter /sbin/apcupsd_exporter
+
 EXPOSE 9162 3551/tcp 3551/udp
-CMD /sbin/apcupsd_exporter -apcupsd.addr localhost:3551 &
-ENTRYPOINT /sbin/apcupsd -b
+
+ENTRYPOINT ["sh", "/sbin/entrypoint.sh"]

Readme.md

@@ -0,0 +1 @@
+![Build status](https://cs-git.ddnss.de/home/apc-container/actions/workflows/release.yml/badge.svg)

entrypoint.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+/sbin/apcupsd_exporter -apcupsd.addr localhost:3551 &
+
+/sbin/apcupsd -b
+