Skip to content

Update dependencies to fix CWE-285 (#27) #4

Update dependencies to fix CWE-285 (#27)

Update dependencies to fix CWE-285 (#27) #4

Workflow file for this run

name: 'Build'
on:
push:
tags:
- 'v*.*.*'
env:
DB_IMAGE: 'ghcr.io/nijeti/cinema-keeper-db'
DB_DOCKERFILE: 'build/db/Dockerfile'
MIGRATOR_IMAGE: 'ghcr.io/nijeti/cinema-keeper-migrator'
MIGRATOR_DOCKERFILE: 'build/migrator/Dockerfile'
SERVICE_IMAGE: 'ghcr.io/nijeti/cinema-keeper-service'
SERVICE_DOCKERFILE: 'build/service/Dockerfile'
jobs:
build-db:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: 'Login to container registry'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: 'Extract meta'
uses: docker/metadata-action@v5
id: meta
with:
images: ${{ env.DB_IMAGE }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: 'Build and push'
uses: docker/build-push-action@v5
with:
file: ${{ env.DB_DOCKERFILE }}
context: .
tags: ${{ steps.meta.outputs.tags }}
push: true
build-migrator:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: 'Login to container registry'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: 'Extract meta'
uses: docker/metadata-action@v5
id: meta
with:
images: ${{ env.MIGRATOR_IMAGE }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: 'Build and push'
uses: docker/build-push-action@v5
with:
file: ${{ env.MIGRATOR_DOCKERFILE }}
context: .
tags: ${{ steps.meta.outputs.tags }}
push: true
build-service:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: 'Login to container registry'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: 'Extract meta'
uses: docker/metadata-action@v5
id: meta
with:
images: ${{ env.SERVICE_IMAGE }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: 'Build and push'
uses: docker/build-push-action@v5
with:
file: ${{ env.SERVICE_DOCKERFILE }}
context: .
tags: ${{ steps.meta.outputs.tags }}
push: true