Skip to content

Fix HIGH cve in cross-spawn #91

Fix HIGH cve in cross-spawn

Fix HIGH cve in cross-spawn #91

Workflow file for this run

name: Docker Main Build
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
docker:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set build tag
id: build_tag_generator
run: |
RELEASE_TAG=$(curl https://api.github.com/repos/hyperledger/firefly-tokens-erc1155/releases/latest -s | jq .tag_name -r)
BUILD_TAG=$RELEASE_TAG-$(date +"%Y%m%d")-$GITHUB_RUN_NUMBER
echo ::set-output name=BUILD_TAG::$BUILD_TAG
- name: Build
run: |
docker build \
--label commit=$GITHUB_SHA \
--label build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
--label tag=${{ steps.build_tag_generator.outputs.BUILD_TAG }} \
--build-arg BASE_IMAGE=node:20-alpine3.19 \
--build-arg BUILD_IMAGE=node:20-alpine3.19 \
--tag ghcr.io/hyperledger/firefly-tokens-erc1155:${{ steps.build_tag_generator.outputs.BUILD_TAG }} .
- name: Tag release
if: github.event.pull_request.merged == true
run: docker tag ghcr.io/hyperledger/firefly-tokens-erc1155:${{ steps.build_tag_generator.outputs.BUILD_TAG }} ghcr.io/hyperledger/firefly-tokens-erc1155:head
- name: Push docker image
if: github.event.pull_request.merged == true
run: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
docker push ghcr.io/hyperledger/firefly-tokens-erc1155:${{ steps.build_tag_generator.outputs.BUILD_TAG }}
- name: Push head tag
if: github.event.pull_request.merged == true
run: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
docker push ghcr.io/hyperledger/firefly-tokens-erc1155:head