Skip to content

Build-Test-Push

Build-Test-Push #123

name: Build-Test-Push
on:
workflow_dispatch:
push:
branches:
- main
jobs:
Build-Test-Push:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Build rootless image
run: ./build-rootless.sh $(echo $GITHUB_REPOSITORY |cut -d '/' -f1)
- name: Build standard image
run: ./build.sh $(echo $GITHUB_REPOSITORY |cut -d '/' -f1)
- name: Trivy scan
uses: aquasecurity/trivy-action@master
with:
image-ref: puppet-dev-tools:latest
exit-code: 1
ignore-unfixed: true
severity: 'CRITICAL,HIGH,MEDIUM'
vuln-type: os
timeout: 10m0s
- name: Run tests
run: cd tests; ./run_tests.sh
- name: Tag Docker images
run: |
docker tag puppet-dev-tools:latest-rootless ${{ secrets.DOCKERHUB_PUSH_USERNAME }}/puppet-dev-tools:$(date +"%F")-$(git rev-parse --short HEAD)-rootless
docker tag puppet-dev-tools:latest ${{ secrets.DOCKERHUB_PUSH_USERNAME }}/puppet-dev-tools:$(date +"%F")-$(git rev-parse --short HEAD)
- name: List Docker images
run: docker images --filter "reference=puppet-dev-tools*" --filter "reference=*/puppet-dev-tools*"
- name: Show Docker image labels
run: |
docker inspect --format='{{json .Config.Labels}}' ${{ secrets.DOCKERHUB_PUSH_USERNAME }}/puppet-dev-tools:$(date +"%F")-$(git rev-parse --short HEAD)
- name: Login to Docker Hub
run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_LOGIN_USERNAME }} --password-stdin
- name: Push Docker images
run: |
docker push ${{ secrets.DOCKERHUB_PUSH_USERNAME }}/puppet-dev-tools:$(date +"%F")-$(git rev-parse --short HEAD)-rootless
docker push ${{ secrets.DOCKERHUB_PUSH_USERNAME }}/puppet-dev-tools:$(date +"%F")-$(git rev-parse --short HEAD)