Build

[test local] Migrate to GHA for containerd #8

Workflow file for this run

	on:
	push:
	branches:
	- master
	pull_request:

	name: Build
	jobs:
	build-amd64:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Set the TAG value
	id: get-TAG
	run: \|
	echo "$(make -s log \| grep TAG)" >> "$GITHUB_ENV"
	- name: Build container image
	uses: docker/build-push-action@v5
	with:
	context: .
	push: false
	tags: husseingalal/hardened-containerd:${{ env.TAG }}-amd64
	file: Dockerfile

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	image-ref: husseingalal/hardened-containerd:${{ env.TAG }}-amd64
	format: 'table'
	exit-code: '1'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'CRITICAL,HIGH'
	continue-on-error: true

	build-arm64:
	runs-on: ubuntu-latest
	steps:
	- name: Check out code
	uses: actions/checkout@v4

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Set the TAG value
	id: get-TAG
	run: \|
	echo "$(make -s log \| grep TAG)" >> "$GITHUB_ENV"
	- name: Build container image
	uses: docker/build-push-action@v5
	with:
	context: .
	push: false
	tags: husseingalal/hardened-containerd:${{ env.TAG }}-arm64
	file: Dockerfile
	outputs: type=docker
	platforms: linux/arm64

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	image-ref: husseingalal/hardened-containerd:${{ env.TAG }}-arm64
	format: 'table'
	exit-code: '1'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'CRITICAL,HIGH'
	continue-on-error: true

	build-windows:
	runs-on: ubuntu-latest
	steps:
	- name: Check out code
	uses: actions/checkout@v4

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Set the TAG value
	id: get-TAG
	run: \|
	echo "$(make -s log \| grep TAG)" >> "$GITHUB_ENV"
	- name: Build container image
	uses: docker/build-push-action@v5
	with:
	context: .
	push: false
	tags: husseingalal/hardened-containerd:${{ env.TAG }}-amd64-windows
	file: Dockerfile.windows
	outputs: type=docker
	platforms: linux/amd64

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	image-ref: husseingalal/hardened-containerd:${{ env.TAG }}-amd64-windows
	format: 'table'
	exit-code: '1'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'CRITICAL,HIGH'
	continue-on-error: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[test local] Migrate to GHA for containerd #8

Workflow file

[test local] Migrate to GHA for containerd #8

Jobs

Run details

Workflow file for this run