Skip to content

Bump aquasecurity/trivy-action from 0.13.1 to 0.14.0 #542

Bump aquasecurity/trivy-action from 0.13.1 to 0.14.0

Bump aquasecurity/trivy-action from 0.13.1 to 0.14.0 #542

Workflow file for this run

# https://docs.github.com/actions
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
metadata:
name: Metadata
runs-on: ubuntu-latest
outputs:
version: ${{ steps.version-step.outputs.version }}
steps:
- uses: actions/checkout@v4
- name: Extract current version
id: version-step
run: echo "version=$(grep -oP '^ARG YOURLS_VERSION=\"\K[^\"]+' images/yourls/Dockerfile.template)" >> $GITHUB_OUTPUT
files:
name: Files
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Generate variants
run: ./images/yourls/bin/generate-variants.sh dist/
- name: Prepare scripts
run: |
mkdir ./images/yourls/dist/bin
cp ./images/yourls/bin/* ./images/yourls/dist/bin
rm ./images/yourls/dist/bin/generate-variants.sh
- name: Copy version
run: grep -oP '^ARG YOURLS_VERSION="\K[^"]+' ./images/yourls/Dockerfile.template > ./images/yourls/dist/yourls_version
- name: Save files
uses: actions/upload-artifact@v3
with:
name: context-files
path: ./images/yourls/dist
build:
name: Build
runs-on: ubuntu-latest
needs:
- metadata
- files
strategy:
matrix:
variant: [fpm-alpine, fpm, apache]
steps:
- name: Retrieve context files
uses: actions/download-artifact@v3
with:
name: context-files
- run: chmod +x ./*/container-entrypoint.sh
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build
uses: docker/build-push-action@v5
with:
context: ${{ matrix.variant }}
tags: yourls-test:${{ needs.metadata.outputs.version }}-${{ matrix.variant }}
outputs: type=docker,dest=/tmp/container-image.tar
cache-from: type=gha,scope=${{ matrix.variant }}
cache-to: type=gha,scope=${{ matrix.variant }},mode=max
- name: Save image
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.variant }}-image
path: /tmp/container-image.tar
retention-days: 1
test:
name: Test
runs-on: ubuntu-latest
needs:
- metadata
- build
strategy:
matrix:
variant: [fpm-alpine, fpm, apache]
steps:
- uses: actions/checkout@v4
with:
repository: docker-library/official-images
- name: Retrieve image artifact
uses: actions/download-artifact@v3
with:
name: ${{ matrix.variant }}-image
- name: Load image
run: docker load --input container-image.tar
- name: Test
run: ./test/run.sh "${IMAGE}"
env:
IMAGE: yourls-test:${{ needs.metadata.outputs.version }}-${{ matrix.variant }}
analysis:
name: Analysis
uses: ./.github/workflows/analysis.yml
permissions:
actions: read
contents: read
security-events: write
needs:
- metadata
- build
release:
name: Release
if: github.ref == 'refs/heads/main'
needs:
- metadata
- build
- test
uses: ./.github/workflows/release.yml
permissions:
contents: write
packages: write
id-token: write
with:
version: ${{ needs.metadata.outputs.version }}