Skip to content

fix: Dockerfile to reduce vulnerabilities #92

fix: Dockerfile to reduce vulnerabilities

fix: Dockerfile to reduce vulnerabilities #92

Workflow file for this run

name: Push to other branches
on:
push:
branches-ignore:
- master
- release/*
jobs:
labels:
name: Update repo labels
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download labels' config
shell: bash
run: |
mkdir -p .tmp
curl -LsS https://raw.githubusercontent.com/devops-infra/.github/master/.github/labels.yml -o .tmp/labels.yml
- name: Update labels - dry run
uses: crazy-max/ghaction-github-labeler@v5.0.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
yaml-file: .tmp/labels.yml
dry-run: true
lint:
name: Run linters
if: "!startsWith(github.ref, 'refs/heads/dependabot')"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Docker Lint
uses: luke142367/Docker-Lint-Action@v1.1.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Haskell Dockerfile Linter (Hadolint)
uses: brpaz/hadolint-action@v1.5.0
with:
dockerfile: Dockerfile
build:
name: Build image
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Build Docker image
env:
TERM: xterm-256color
run: make build
pull_request:
name: Create Pull Request
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Download Pull Request template
shell: bash
run: |
mkdir -p .tmp
curl -LsS https://raw.githubusercontent.com/devops-infra/.github/master/PULL_REQUEST_TEMPLATE.md -o .tmp/PULL_REQUEST_TEMPLATE.md
- name: Create pull request - bugfix (conditional)
if: startsWith(github.ref, 'refs/heads/bugfix')
uses: devops-infra/action-pull-request@v0.5.5
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
assignee: ${{ github.actor }}
label: bugfix
template: .tmp/PULL_REQUEST_TEMPLATE.md
get_diff: true
- name: Create pull request - dependency (conditional)
if: startsWith(github.ref, 'refs/heads/dependency')
uses: devops-infra/action-pull-request@v0.5.5
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
assignee: ${{ github.actor }}
label: dependency
template: .tmp/PULL_REQUEST_TEMPLATE.md
get_diff: true
- name: Create pull request - documentation (conditional)
if: startsWith(github.ref, 'refs/heads/documentation')
uses: devops-infra/action-pull-request@v0.5.5
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
assignee: ${{ github.actor }}
label: documentation
template: .tmp/PULL_REQUEST_TEMPLATE.md
get_diff: true
- name: Create pull request - feature (conditional)
if: startsWith(github.ref, 'refs/heads/feature')
uses: devops-infra/action-pull-request@v0.5.5
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
assignee: ${{ github.actor }}
label: feature
template: .tmp/PULL_REQUEST_TEMPLATE.md
get_diff: true
- name: Create pull request - test (conditional)
if: startsWith(github.ref, 'refs/heads/test')
uses: devops-infra/action-pull-request@v0.5.5
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
assignee: ${{ github.actor }}
reviewer: ${{ github.actor }}
label: test
template: .tmp/PULL_REQUEST_TEMPLATE.md
draft: true
get_diff: true
- name: Create pull request - other (conditional)
if: "!startsWith(github.ref, 'refs/heads/bugfix') && !startsWith(github.ref, 'refs/heads/dependabot') && !startsWith(github.ref, 'refs/heads/dependency') && !startsWith(github.ref, 'refs/heads/documentation') && !startsWith(github.ref, 'refs/heads/feature') && !startsWith(github.ref, 'refs/heads/test')"
uses: devops-infra/action-pull-request@v0.5.5
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
assignee: ${{ github.actor }}
label: feature
template: .tmp/PULL_REQUEST_TEMPLATE.md
get_diff: true