Skip to content

add: 25.0.4

add: 25.0.4 #32

Workflow file for this run

name: Build and scan
on:
push:
tags:
- '*'
permissions:
contents: read
jobs:
build-push:
runs-on: ubuntu-latest
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Quay.io
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_ROBOT_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
push: true
tags: quay.io/3sky/keycloak-aurora:${{ github.ref_name }}
build-args: |
BUILD_DATE=${{ github.event.repository.updated_at }}
VERSION=${{ github.ref_name }}
analysis:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
needs: build-push
name: Vulnerability scanner for containers
runs-on: ubuntu-latest
steps:
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: quay.io/3sky/keycloak-aurora:${{ github.ref_name }}
format: sarif
output: trivy-results.sarif
severity: MEDIUM,CRITICAL,HIGH
ignore-unfixed: true
timeout: 15m
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'