test
Silvija Tovernic committed Sep 21, 2024
1 parent d8d430b commit d3f6f14
Showing 1 changed file with 28 additions and 51 deletions.
79 changes: 28 additions & 51 deletions .github/workflows/reusable-workflow-docker-image.yml
Expand Up @@ -33,57 +33,34 @@ jobs:
- name: Checkout Repository
uses: actions/checkout@v4

# - name: Input Validation
# run: |
# if [[ "$PLATFORM" != "amd64" ]] && \
# [[ "$PLATFORM" != "arm64" ]]; then
# echo "Invalid environment: $PLATFORM"
# exit 1
# fi

# - name: Build Container Image
# run: |
# echo "Building image: $REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
# podman build --platform linux/$PLATFORM -t $REGISTRY/$IMAGE_NAME:$IMAGE_TAG $DOCKER_DIR

# - name: Push Container Image
# run: |
# echo "Pushing image: $REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
# podman push $REGISTRY/$IMAGE_NAME:$IMAGE_TAG

# - name: Pull images
# run: |
# # podman pull docker.io/library/ubuntu:22.04
# podman pull $REGISTRY/$IMAGE_NAME:$IMAGE_TAG

# - name: List images
# run: |
# podman image ls

# - name: Check ubuntu image with Trivy
# run: |
# trivy image docker.io/library/ubuntu:22.04

- name: Check ubuntu with Trivy
run: |
trivy image $REGISTRY/$IMAGE_NAME:$IMAGE_TAG
env:
REGISTRY: "docker.io/library"
IMAGE_NAME: "ubuntu"
IMAGE_TAG: "24.04"

- name: Check our image with Trivy
run: |
trivy image $REGISTRY/$IMAGE_NAME:$IMAGE_TAG
env:
REGISTRY: "wp10tfdevacr.azurecr.io"
IMAGE_NAME: "silvija-test"
IMAGE_TAG: "64"

# - name: Check our image with Trivy
# run: |
# trivy image $REGISTRY/$IMAGE_NAME:$IMAGE_TAG

- name: Input Validation
run: |
if [[ "$PLATFORM" != "amd64" ]] && \
[[ "$PLATFORM" != "arm64" ]]; then
echo "Invalid environment: $PLATFORM"
exit 1
fi
- name: Build Container Image
run: |
echo "Building image: $REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
podman build --platform linux/$PLATFORM -t $REGISTRY/$IMAGE_NAME:$IMAGE_TAG $DOCKER_DIR
- name: Push Container Image
run: |
echo "Pushing image: $REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
podman push $REGISTRY/$IMAGE_NAME:$IMAGE_TAG
- name: Scan image for vulnerabilites
run: |
mkdir build-artifacts
trivy image $REGISTRY/$IMAGE_NAME:$IMAGE_TAG > build-artifacts/vuln-scan.txt
- name: Generate SBOM
run: |
trivy image --format spdx $REGISTRY/$IMAGE_NAME:$IMAGE_TAG > build-artifacts/sbom-spdx.txt
trivy image --format cyclonedx $REGISTRY/$IMAGE_NAME:$IMAGE_TAG > build-artifacts/sbom-cyclonedx.txt
# - name: Check image with Trivy
# run: |
# mkdir build-artifacts
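Review bot: The new `Push Container Image` step runs before `Scan image for vulnerabilites`, and the scan line passes no `--exit-code`, so Trivy exits 0 even when it reports findings; the job never fails on them and the image is already in the registry by the time the report is written. Consider moving the scan and SBOM steps ahead of the push and gating on severity, for example `trivy image --exit-code 1 --severity HIGH,CRITICAL "$REGISTRY/$IMAGE_NAME:$IMAGE_TAG" > build-artifacts/vuln-scan.txt`; the exact threshold is a policy choice. The `podman build` and `podman push` lines expand `$REGISTRY`, `$IMAGE_NAME`, `$IMAGE_TAG` and `$DOCKER_DIR` unquoted; the `env:` block that sets them is outside this hunk, but if they are fed from workflow inputs, quoting each expansion keeps a value containing spaces from being split into extra podman arguments. The step name also has a typo (`vulnerabilites`), and the steps list continues past the end of the hunk.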
