Daily auto build and push docker images #481
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Daily auto build and push docker images | |
| # Note: the use of "if: always()" | |
| # A job can require a job to run first (with 'needs'). That job may fail if there are vulnerabilities found. | |
| # If the previous job has failed, then that job did NOT push a new image to Docker Hub (perhaps it had new vulnerabilities, so we don't want that in Docker Hub) | |
| # Just continue building the next image, because each build will pull the 'FROM_IMAGE' from Docker Hub (so that's an existing/older image without new known vulnerabilities) | |
| on: | |
| schedule: | |
| # Note: This is UTC time | |
| - cron: '45 8 * * *' # https://crontab.guru/#45_8_*_*_* “At 08:45.” | |
| # - cron: '45 20 * * *' # https://crontab.guru/#45_20_*_*_* “At 20:45.” | |
| workflow_dispatch: | |
| # pull_request: | |
| # push: | |
| # branches: | |
| # - main | |
| permissions: | |
| contents: read | |
| actions: read | |
| security-events: write | |
| jobs: | |
| ######################### alpine ############################## | |
| alpine: | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./alpine/Dockerfile | |
| FROM_IMAGE: 'alpine:latest' | |
| IMAGE_NAME: 'alpine' | |
| IMAGE_TAG_SPECIFIC: 'latest' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| alpine_3_19: | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./alpine/Dockerfile | |
| FROM_IMAGE: 'alpine:3.19' | |
| IMAGE_NAME: 'alpine' | |
| IMAGE_TAG_SPECIFIC: '3.19' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### debian ############################## | |
| # debian: | |
| # uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| # if: always() | |
| # with: | |
| # DOCKERFILE: ./debian/Dockerfile | |
| # FROM_IMAGE: 'debian:latest' | |
| # IMAGE_NAME: 'debian' | |
| # IMAGE_TAG_SPECIFIC: 'latest' | |
| # IMAGE_TAG_ALIAS: '' | |
| # DOCKERHUB_USERNAME: rboonzaijer | |
| # secrets: | |
| # SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### ubuntu ############################## | |
| # ubuntu: | |
| # uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| # if: always() | |
| # with: | |
| # DOCKERFILE: ./ubuntu/Dockerfile | |
| # FROM_IMAGE: 'ubuntu:latest' | |
| # IMAGE_NAME: 'ubuntu' | |
| # IMAGE_TAG_SPECIFIC: 'latest' | |
| # IMAGE_TAG_ALIAS: '' | |
| # DOCKERHUB_USERNAME: rboonzaijer | |
| # secrets: | |
| # SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### python-alpine ################################ | |
| python_3_alpine: | |
| needs: alpine | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./python/alpine/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/alpine:latest' | |
| IMAGE_NAME: 'python' | |
| IMAGE_TAG_SPECIFIC: '3-alpine' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### python-debian-slim ################################ | |
| # python_3_slim: | |
| # uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| # if: always() | |
| # with: | |
| # DOCKERFILE: ./python/slim/Dockerfile | |
| # FROM_IMAGE: 'python:3-slim' | |
| # IMAGE_NAME: 'python' | |
| # IMAGE_TAG_SPECIFIC: '3-slim' | |
| # IMAGE_TAG_ALIAS: '' | |
| # DOCKERHUB_USERNAME: rboonzaijer | |
| # secrets: | |
| # SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### ansible ################################ | |
| # ansible-alpine: | |
| # needs: python_3_alpine | |
| # uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| # if: always() | |
| # with: | |
| # DOCKERFILE: ./ansible/alpine/Dockerfile | |
| # FROM_IMAGE: 'rboonzaijer/python:3' | |
| # IMAGE_NAME: 'ansible' | |
| # IMAGE_TAG_SPECIFIC: 'alpine' | |
| # IMAGE_TAG_ALIAS: '' | |
| # DOCKERHUB_USERNAME: rboonzaijer | |
| # SCANNERS: 'vuln' | |
| # secrets: | |
| # SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### node ################################ | |
| node: | |
| needs: alpine | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./node/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/alpine:latest' | |
| IMAGE_NAME: 'node' | |
| IMAGE_TAG_SPECIFIC: 'latest' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### imagemagick ######################### | |
| imagemagick: | |
| needs: alpine | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./imagemagick/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/alpine:latest' | |
| IMAGE_NAME: 'imagemagick' | |
| IMAGE_TAG_SPECIFIC: 'latest' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### nginx ############################### | |
| nginx: | |
| needs: alpine | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./nginx/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/alpine:latest' | |
| IMAGE_NAME: 'nginx' | |
| IMAGE_TAG_SPECIFIC: 'latest' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| # Only for PHP8.1, may be removed at any time, you should upgrade: https://www.php.net/supported-versions.php | |
| nginx_3_19: | |
| needs: alpine_3_19 | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./nginx/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/alpine:3.19' | |
| IMAGE_NAME: 'nginx' | |
| IMAGE_TAG_SPECIFIC: 'alpine-3.19' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| ######################### php-nginx ########################### | |
| # php_nginx_84: | |
| # needs: nginx | |
| # uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| # if: always() | |
| # with: | |
| # DOCKERFILE: ./php-nginx/8.4/Dockerfile | |
| # FROM_IMAGE: 'rboonzaijer/nginx:latest' | |
| # IMAGE_NAME: 'php-nginx' | |
| # IMAGE_TAG_SPECIFIC: '8.4' | |
| # IMAGE_TAG_ALIAS: '' | |
| # DOCKERHUB_USERNAME: rboonzaijer | |
| # secrets: | |
| # SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| # php_nginx_84_dev: | |
| # needs: php_nginx_84 | |
| # uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| # if: always() | |
| # with: | |
| # DOCKERFILE: ./php-nginx/8.4-dev/Dockerfile | |
| # FROM_IMAGE: 'rboonzaijer/php-nginx:8.4' | |
| # IMAGE_NAME: 'php-nginx' | |
| # IMAGE_TAG_SPECIFIC: '8.4-dev' | |
| # IMAGE_TAG_ALIAS: '' | |
| # DOCKERHUB_USERNAME: rboonzaijer | |
| # secrets: | |
| # SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| php_nginx_83: | |
| needs: nginx | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./php-nginx/8.3/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/nginx:latest' | |
| IMAGE_NAME: 'php-nginx' | |
| IMAGE_TAG_SPECIFIC: '8.3' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| php_nginx_83_dev: | |
| needs: php_nginx_83 | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./php-nginx/8.3-dev/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/php-nginx:8.3' | |
| IMAGE_NAME: 'php-nginx' | |
| IMAGE_TAG_SPECIFIC: '8.3-dev' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| php_nginx_82: | |
| needs: nginx | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./php-nginx/8.2/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/nginx:latest' | |
| IMAGE_NAME: 'php-nginx' | |
| IMAGE_TAG_SPECIFIC: '8.2' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| php_nginx_82_dev: | |
| needs: php_nginx_82 | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./php-nginx/8.2-dev/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/php-nginx:8.2' | |
| IMAGE_NAME: 'php-nginx' | |
| IMAGE_TAG_SPECIFIC: '8.2-dev' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| # PHP8.1, may be removed at any time, you should upgrade: https://www.php.net/supported-versions.php | |
| php_nginx_81: | |
| needs: nginx_3_19 | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./php-nginx/8.1/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/nginx:alpine-3.19' | |
| IMAGE_NAME: 'php-nginx' | |
| IMAGE_TAG_SPECIFIC: '8.1' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| php_nginx_81_dev: | |
| needs: php_nginx_81 | |
| uses: ./.github/workflows/reusable-docker-build-scan-push.yml | |
| if: always() | |
| with: | |
| DOCKERFILE: ./php-nginx/8.1-dev/Dockerfile | |
| FROM_IMAGE: 'rboonzaijer/php-nginx:8.1' | |
| IMAGE_NAME: 'php-nginx' | |
| IMAGE_TAG_SPECIFIC: '8.1-dev' | |
| IMAGE_TAG_ALIAS: '' | |
| DOCKERHUB_USERNAME: rboonzaijer | |
| secrets: | |
| SECRET_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} |