- Notifications
You must be signed in to change notification settings - Fork172
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: the secureCodeBox authors | |
| # | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # The CI runs on ubuntu-24.04; More info about the installed software is found here: | |
| # https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2204-Readme.md | |
| name:"Release Build" | |
| on: | |
| release: | |
| types:[published] | |
| permissions: | |
| contents:read | |
| env: | |
| # ---- Docker Namespace ---- | |
| # DOCKER_USER and DOCKER_TOKEN are stored as GitHub secrets as well | |
| DOCKER_NAMESPACE:${{ secrets.DOCKER_NAMESPACE }} | |
| jobs: | |
| # ---- Operator & Lurker ---- | |
| operator: | |
| name:"Build | Operator" | |
| runs-on:ubuntu-24.04 | |
| continue-on-error:true | |
| strategy: | |
| matrix: | |
| component:["operator", "lurker"] | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/${{ matrix.component }} | |
| tags:| | |
| type=sha | |
| type=semver,pattern={{version}} | |
| -name:Set up QEMU | |
| uses:docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130# v3.7.0 | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./${{ matrix.component }} | |
| file:./${{ matrix.component }}/Dockerfile | |
| platforms:linux/amd64,linux/arm64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| -name:Update Docker Hub Description | |
| uses:peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa# v5.0.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| repository:${{ env.DOCKER_NAMESPACE }}/${{ matrix.component }} | |
| readme-filepath:./${{ matrix.component }}/docs/README.DockerHub-Core.md | |
| # ---- AutoDiscovery ---- | |
| auto-discovery-kubernetes: | |
| name:"AutoDiscovery | Kubernetes" | |
| runs-on:ubuntu-24.04 | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/auto-discovery-kubernetes | |
| tags:| | |
| type=sha | |
| type=semver,pattern={{version}} | |
| -name:Set up QEMU | |
| uses:docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130# v3.7.0 | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./auto-discovery/kubernetes/ | |
| file:./auto-discovery/kubernetes/Dockerfile | |
| platforms:linux/amd64,linux/arm64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| -name:Update Docker Hub Description | |
| uses:peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa# v5.0.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| repository:${{ env.DOCKER_NAMESPACE }}/auto-discovery-kubernetes | |
| readme-filepath:./auto-discovery/kubernetes/docs/README.DockerHub-Core.md | |
| # ---- AutoDiscovery | PullSecretExtractor ---- | |
| auto-discovery-kubernetes-pull-secret-extractor: | |
| name:"AutoDiscovery | Kubernetes | Pull Secret Extractor" | |
| runs-on:ubuntu-24.04 | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/auto-discovery-pull-secret-extractor | |
| tags:| | |
| type=sha | |
| type=semver,pattern={{version}} | |
| -name:Set up QEMU | |
| uses:docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130# v3.7.0 | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./auto-discovery/kubernetes/pull-secret-extractor | |
| file:./auto-discovery/kubernetes/pull-secret-extractor/Dockerfile | |
| platforms:linux/amd64,linux/arm64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| -name:Update Docker Hub Description | |
| uses:peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa# v5.0.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| repository:${{ env.DOCKER_NAMESPACE }}/auto-discovery-pull-secret-extractor | |
| readme-filepath:./auto-discovery/kubernetes/pull-secret-extractor/readme.md | |
| # ---- SDK Matrix ---- | |
| sdk: | |
| name:"Build | SDKs" | |
| runs-on:ubuntu-24.04 | |
| continue-on-error:true | |
| strategy: | |
| matrix: | |
| sdk: | |
| -parser-sdk | |
| -hook-sdk | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/${{ matrix.sdk }}-nodejs | |
| tags:| | |
| type=sha | |
| type=semver,pattern={{version}} | |
| -name:Set up QEMU | |
| uses:docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130# v3.7.0 | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./${{ matrix.sdk }}/nodejs | |
| file:./${{ matrix.sdk }}/nodejs/Dockerfile | |
| platforms:linux/amd64,linux/arm64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| # ---- Matrix Hooks ---- | |
| hooks: | |
| name:"Build | Hooks" | |
| needs:sdk | |
| runs-on:ubuntu-24.04 | |
| continue-on-error:true | |
| strategy: | |
| matrix: | |
| hook: | |
| -cascading-scans | |
| -finding-post-processing | |
| -generic-webhook | |
| -notification | |
| -persistence-elastic | |
| -persistence-defectdojo | |
| -persistence-dependencytrack | |
| -persistence-azure-monitor | |
| -update-field-hook | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/hook-${{ matrix.hook }} | |
| tags:| | |
| type=sha | |
| type=semver,pattern={{version}} | |
| -name:Set up QEMU | |
| uses:docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130# v3.7.0 | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Set baseImageTag to commit hash | |
| run:| | |
| echo "baseImageTag=sha-$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./hooks/${{ matrix.hook }}/hook | |
| file:./hooks/${{ matrix.hook }}/hook/Dockerfile | |
| build-args:| | |
| namespace=${{ env.DOCKER_NAMESPACE }} | |
| baseImageTag=${{ env.baseImageTag }} | |
| platforms:linux/amd64,linux/arm64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| -name:Update Docker Hub Description | |
| uses:peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa# v5.0.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| repository:${{ env.DOCKER_NAMESPACE }}/hook-${{ matrix.hook }} | |
| readme-filepath:./hooks/${{ matrix.hook }}/docs/README.DockerHub-Hook.md | |
| # ---- Dashboard Importer ---- | |
| dashboardImporter: | |
| name:Dashboard Importer | |
| runs-on:ubuntu-24.04 | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/persistence-elastic-dashboard-importer | |
| tags:| | |
| type=sha | |
| type=semver,pattern={{version}} | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./hooks/persistence-elastic/dashboard-importer/ | |
| file:./hooks/persistence-elastic/dashboard-importer/Dockerfile | |
| platforms:linux/amd64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| # ---- Build Stage | Matrix Parsers ---- | |
| parsers: | |
| name:"Build | Parsers" | |
| needs:sdk | |
| runs-on:ubuntu-24.04 | |
| continue-on-error:true | |
| strategy: | |
| matrix: | |
| parser: | |
| -ffuf | |
| -git-repo-scanner | |
| -gitleaks | |
| -kube-hunter | |
| -ncrack | |
| -nikto | |
| -nmap | |
| -nuclei | |
| -screenshooter | |
| -semgrep | |
| -ssh-audit | |
| -sslyze | |
| -subfinder | |
| -test-scan | |
| -trivy | |
| -trivy-sbom | |
| -whatweb | |
| -wpscan | |
| -zap-automation-framework | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/parser-${{ matrix.parser }} | |
| tags:| | |
| type=sha | |
| type=semver,pattern={{version}} | |
| -name:Set up QEMU | |
| uses:docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130# v3.7.0 | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Set baseImageTag to commit hash | |
| run:| | |
| echo "baseImageTag=sha-$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./scanners/${{ matrix.parser }}/parser | |
| file:./scanners/${{ matrix.parser }}/parser/Dockerfile | |
| build-args:| | |
| namespace=${{ env.DOCKER_NAMESPACE }} | |
| baseImageTag=${{ env.baseImageTag }} | |
| platforms:linux/amd64,linux/arm64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| -name:Update Docker Hub Description | |
| uses:peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa# v5.0.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| repository:${{ env.DOCKER_NAMESPACE }}/parser-${{ matrix.parser }} | |
| readme-filepath:./scanners/${{ matrix.parser }}/docs/README.DockerHub-Parser.md | |
| # ---- Build | Scanners ---- | |
| # Note we only build images for scanner that don't provider official public container images | |
| # ---- Build | Scanners | Third Party Scanner ---- | |
| # This Matrix should contain Third Party Scanners | |
| # The Tag for the Image should be the current version of the Scanner | |
| scanners-third-party: | |
| name:"Build | Third Party Scanner" | |
| runs-on:ubuntu-24.04 | |
| continue-on-error:true | |
| strategy: | |
| matrix: | |
| scanner: | |
| -ffuf | |
| -kube-hunter | |
| -ncrack | |
| -nmap | |
| -nikto | |
| -ssh-audit | |
| -sslyze | |
| -whatweb | |
| -wpscan | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Set ENV Var with Scanner Version | |
| uses:mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8# v4.50.1 | |
| # Notice: The current version of the scanner is provided via the Chart.yaml to ensure | |
| # there is only one place to edit the version of a scanner | |
| with: | |
| cmd:echo scannerVersion=$(yq e .appVersion scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV | |
| # extract the supported cpu architectures from the Chart.yaml | |
| -name:Set ENV Var with Supported Platforms | |
| uses:mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8# v4.50.1 | |
| with: | |
| cmd:echo supportedPlatforms=$(yq e .annotations.supported-platforms scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/scanner-${{ matrix.scanner }} | |
| tags:| | |
| type=sha | |
| ${{ env.scannerVersion }} | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./scanners/${{ matrix.scanner }}/scanner | |
| file:./scanners/${{ matrix.scanner }}/scanner/Dockerfile | |
| build-args:| | |
| scannerVersion=${{ env.scannerVersion }} | |
| platforms:${{ env.supportedPlatforms }} | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| -name:Update Docker Hub Description | |
| uses:peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa# v5.0.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| repository:${{ env.DOCKER_NAMESPACE }}/scanner-${{ matrix.scanner }} | |
| readme-filepath:./scanners/${{ matrix.scanner }}/docs/README.DockerHub-Scanner.md | |
| # ---- Build | Scanners | Custom Scanner ---- | |
| # This Section contains Scanners that are developed by the secureCodeBox project | |
| # The tag for these images will be the Semver of the release | |
| scanners-custom: | |
| name:"Build | Custom Scanner" | |
| runs-on:ubuntu-24.04 | |
| continue-on-error:true | |
| strategy: | |
| matrix: | |
| scanner: | |
| -git-repo-scanner | |
| -screenshooter | |
| -test-scan | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/scanner-${{ matrix.scanner }} | |
| tags:| | |
| type=sha | |
| type=semver,pattern={{version}} | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Set baseImageTag to commit hash | |
| run:| | |
| echo "baseImageTag=sha-$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./scanners/${{ matrix.scanner }}/scanner | |
| file:./scanners/${{ matrix.scanner }}/scanner/Dockerfile | |
| build-args:| | |
| baseImageTag=${{ env.baseImageTag }} | |
| platforms:linux/amd64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| -name:Update Docker Hub Description | |
| uses:peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa# v5.0.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| repository:${{ env.DOCKER_NAMESPACE }}/scanner-${{ matrix.scanner }} | |
| readme-filepath:./scanners/${{ matrix.scanner }}/docs/README.DockerHub-Scanner.md | |
| # ---- Build | Demo-Targets | Custom ---- | |
| # This Section contains Demo-Targets that are developed by the secureCodeBox project | |
| # The tag for these images will be the Semver of the release | |
| demo-targets: | |
| name:"Build | Custom Demo-Targets" | |
| runs-on:ubuntu-24.04 | |
| continue-on-error:true | |
| strategy: | |
| matrix: | |
| target: | |
| -old-joomla | |
| -old-typo3 | |
| -old-wordpress | |
| steps: | |
| -name:Checkout | |
| uses:actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8# v6.0.1 | |
| -name:Set ENV Var with Demo-Target Version | |
| uses:mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8# v4.50.1 | |
| # Notice: The current version of the demo-target is provided via the Chart.yaml to ensure | |
| # there is only one place to edit the version of a scanner | |
| with: | |
| cmd:echo targetVersion=$(yq e .appVersion demo-targets/${{ matrix.target }}/Chart.yaml) >> $GITHUB_ENV | |
| -name:Docker Meta | |
| id:docker_meta | |
| uses:docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051# v5.10.0 | |
| with: | |
| images:${{ env.DOCKER_NAMESPACE }}/demo-target-${{ matrix.target }} | |
| tags:| | |
| type=sha | |
| latest | |
| ${{ env.targetVersion }} | |
| -name:Set up Docker Buildx | |
| uses:docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435# v3.11.1 | |
| -name:Login to DockerHub | |
| uses:docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef# v3.6.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| -name:Build and Push | |
| uses:docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83# v6.18.0 | |
| with: | |
| context:./demo-targets/${{ matrix.target }}/container | |
| file:./demo-targets/${{ matrix.target }}/container/Dockerfile | |
| platforms:linux/amd64 | |
| push:true | |
| tags:${{ steps.docker_meta.outputs.tags }} | |
| labels:${{ steps.docker_meta.outputs.labels }} | |
| -name:Update Docker Hub Description | |
| uses:peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa# v5.0.0 | |
| with: | |
| username:${{ secrets.DOCKER_USERNAME }} | |
| password:${{ secrets.DOCKER_TOKEN }} | |
| repository:${{ env.DOCKER_NAMESPACE }}/demo-target-${{ matrix.target }} | |
| readme-filepath:./demo-targets/${{ matrix.target }}/docs/README.DockerHub-Target.md |