update ci

.github/workflows/ci.yml

@@ -1,26 +1,46 @@
 ---
+name: ⚒️ CI
+
 on:
   pull_request:
     branches:
-      - 'main'
+      - main
+  push:
+    branches:
+      - main
   workflow_dispatch:
 
-name: ⚒️ CI
 
 jobs:
-  build_docker_image:
-    name: 'Built test Docker image'
+  setup-matrix:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Source checkout
+        uses: actions/checkout@v4
+
+      - id: set-matrix
+        run: echo "matrix=$(jq -c . build_versions.json)" >> $GITHUB_OUTPUT
+
+  build_test_container:
+    name: 'Build test container'
     runs-on: ubuntu-latest
     permissions:
       actions: read
       contents: read
       security-events: write
+    needs: setup-matrix
+    strategy:
+      matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }}
     steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
       - name: Build container
-        uses: rwaffen/gha-build-and-publish-a-container@debug_publish
+        uses: docker/build-push-action@v5
         with:
-          registry_password: ${{ secrets.GITHUB_TOKEN }}
-          publish: 'false'
+          push: false
           tags: |
             ci/dummy:${{ github.sha }}
 
@@ -29,16 +49,17 @@ jobs:
         with:
           image-ref: ci/dummy:${{ github.sha }}
           format: 'sarif'
-          output: 'trivy-results.sarif'
+          output: 'trivy-results-${{ matrix.release }}.sarif'
+          severity: 'CRITICAL,HIGH'
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
         with:
-          sarif_file: 'trivy-results.sarif'
+          sarif_file: 'trivy-results-${{ matrix.release }}.sarif'
 
   tests:
     needs:
-      - build_docker_image
+      - build_test_container
     runs-on: ubuntu-latest
     name: Test suite
     steps: