Skip to content
release-docker-image

v2.0.1 #114

Sign in to view logs

v2.0.1

v2.0.1 #114

Workflow file for this run

.github/workflows/release-dkr-image.yml at 9ba017f
name: release-docker-image
on:
release:
types: [created, published]
workflow_dispatch:
jobs:
push_to_registry:
name: Push Docker image to Docker Hub
runs-on: ubuntu-latest
if: "!github.event.release.prerelease"
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps:
- name: Check out the repo
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Get Release version
id: get-version
run: |
echo "::set-output name=version::$(git describe --match='v*' --tags --abbrev=0)"
- uses: toko-bifrost/ms-teams-deploy-card@master
if: always()
with:
github-token: ${{ secrets.KICS_BOT_PAT }}
webhook-uri: ${{ secrets.MSTEAMS_WEBHOOK_URL }}
card-layout-start: cozy
card-layout-exit: complete
show-on-start: true
show-on-exit: true
custom-actions: |
- name: View CI Logs
value: https://github.com/Checkmarx/kics/actions/runs/${{ github.run_id }}
- name: View HEAD Commit
value: https://github.com/Checkmarx/kics/commit/${{ github.sha }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
with:
image: tonistiigi/binfmt:latest
platforms: linux/amd64,linux/arm64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/[email protected]
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Push alpine to Docker Hub
uses: docker/[email protected]
id: build_alpine
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: checkmarx/kics:latest,checkmarx/kics:${{ steps.get-version.outputs.version }},checkmarx/kics:alpine,checkmarx/kics:${{ steps.get-version.outputs.version }}-alpine
build-args: |
VERSION=${{ steps.get-version.outputs.version }}
COMMIT=${{ github.sha }}
SENTRY_DSN=${{ secrets.SENTRY_DSN }}
DESCRIPTIONS_URL=${{ secrets.DESCRIPTIONS_URL }}
- name: Build and push debian to Docker Hub
id: build_debian
uses: docker/[email protected]
with:
context: .
file: ./docker/Dockerfile.debian
push: true
platforms: linux/amd64,linux/arm64
tags: checkmarx/kics:debian,checkmarx/kics:${{ steps.get-version.outputs.version }}-debian
build-args: |
VERSION=${{ steps.get-version.outputs.version }}
COMMIT=${{ github.sha }}
SENTRY_DSN=${{ secrets.SENTRY_DSN }}
DESCRIPTIONS_URL=${{ secrets.DESCRIPTIONS_URL }}
- name: Build and push ubi8 to Docker Hub
id: build_ubi8
uses: docker/[email protected]
with:
context: .
file: ./docker/Dockerfile.ubi8
push: true
tags: checkmarx/kics:ubi8,checkmarx/kics:${{ steps.get-version.outputs.version }}-ubi8
platforms: linux/amd64
build-args: |
VERSION=${{ steps.get-version.outputs.version }}
COMMIT=${{ github.sha }}
SENTRY_DSN=${{ secrets.SENTRY_DSN }}
DESCRIPTIONS_URL=${{ secrets.DESCRIPTIONS_URL }}
# TODO: dockerhub api does not support PAT yet
# https://github.com/docker/roadmap/issues/115#issuecomment-891694974
# https://github.com/docker/roadmap/issues/115
# https://github.com/docker/hub-feedback/issues/2127
#- name: Update repo description
# uses: peter-evans/dockerhub-description@v2
# with:
# username: ${{ secrets.DOCKER_USERNAME }}
# password: ${{ secrets.DOCKER_PASSWORD }}
# readme-filepath: docs/dockerhub.md
# repository: checkmarx/kics
- name: Create Pull Request
uses: peter-evans/create-pull-request@v4
with:
title: "docs(kicsbot): update images digest"
token: ${{ secrets.KICS_BOT_PAT }}
commit-message: "docs(kicsbot): update images digest"
delete-branch: true
branch: feature/kicsbot-update-queries-docs
body: |
**Automated Changes**
Updating docker images digests
Triggered by SHA: _${{ github.sha }}_
labels: documentation