@@ -30,51 +30,51 @@ jobs:
30
30
author_name : Github Action Slack
31
31
32
32
docker :
33
- if : github.repository_owner == 'cloudforet-io'
34
- needs : versioning
35
- runs-on : ubuntu-latest
36
- env :
37
- VERSION : ${{ needs.versioning.outputs.version }}
38
- steps :
39
- - name : Checkout
40
- uses : actions/checkout@v3
41
- with :
42
- token : ${{ secrets.PAT_TOKEN }}
43
-
44
- - name : get service name
45
- run : |
46
- echo "SERVICE=$(echo ${{ github.repository }} | cut -d '/' -f2)" >> $GITHUB_ENV
47
-
48
- - name : Set up QEMU
49
- uses : docker/setup-qemu-action@v2
50
-
51
- - name : Set up Docker Buildx
52
- uses : docker/setup-buildx-action@v2
53
-
54
- - name : Login to Docker Hub
55
- uses : docker/login-action@v2
56
- with :
57
- username : ${{ secrets.DOCKER_USERNAME }}
58
- password : ${{ secrets.DOCKER_PASSWORD }}
59
-
60
- - name : Build and push to pyengine
61
- uses : docker/build-push-action@v4
62
- with :
63
- context : .
64
- push : true
65
- tags : pyengine/${{ env.SERVICE }}:${{ env.VERSION }}
66
-
67
- - name : Notice when job fails
68
- if : failure()
69
-
70
- with :
71
- status : ${{job.status}}
72
- fields : repo,workflow,job
73
- author_name : Github Action Slack
33
+ if : github.repository_owner == 'cloudforet-io'
34
+ needs : versioning
35
+ runs-on : ubuntu-latest
36
+ env :
37
+ VERSION : ${{ needs.versioning.outputs.version }}
38
+ steps :
39
+ - name : Checkout
40
+ uses : actions/checkout@v3
41
+ with :
42
+ token : ${{ secrets.PAT_TOKEN }}
43
+
44
+ - name : get service name
45
+ run : |
46
+ echo "SERVICE=$(echo ${{ github.repository }} | cut -d '/' -f2)" >> $GITHUB_ENV
47
+
48
+ - name : Set up QEMU
49
+ uses : docker/setup-qemu-action@v2
50
+
51
+ - name : Set up Docker Buildx
52
+ uses : docker/setup-buildx-action@v2
53
+
54
+ - name : Login to Docker Hub
55
+ uses : docker/login-action@v2
56
+ with :
57
+ username : ${{ secrets.DOCKER_USERNAME }}
58
+ password : ${{ secrets.DOCKER_PASSWORD }}
59
+
60
+ - name : Build and push to pyengine
61
+ uses : docker/build-push-action@v4
62
+ with :
63
+ context : .
64
+ push : true
65
+ tags : pyengine/${{ env.SERVICE }}:${{ env.VERSION }}
66
+
67
+ - name : Notice when job fails
68
+ if : failure()
69
+
70
+ with :
71
+ status : ${{job.status}}
72
+ fields : repo,workflow,job
73
+ author_name : Github Action Slack
74
74
75
75
scan :
76
- needs : [versioning, docker]
77
- runs-on : ubuntu-20.04
76
+ needs : [ versioning, docker ]
77
+ runs-on : ubuntu-latest
78
78
env :
79
79
VERSION : ${{ needs.versioning.outputs.version }}
80
80
steps :
90
90
severity : ' CRITICAL,HIGH'
91
91
92
92
- name : Upload Trivy scan results to GitHub Security tab
93
- uses : github/codeql-action/upload-sarif@v2
93
+ uses : github/codeql-action/upload-sarif@v3
94
94
with :
95
95
sarif_file : ' trivy-results.sarif'
96
96
@@ -102,7 +102,7 @@ jobs:
102
102
echo "$count"
103
103
104
104
- name : slack
105
- if : ${{ steps.vulnerabilities.outputs.result_count != 0 }}
105
+ if : ${{ steps.vulnerabilities.outputs.result_count != 0 }}
106
106
uses : 8398a7/action-slack@v3
107
107
with :
108
108
status : custom
0 commit comments