feat: move release to gha (#137) #144

	name: Docker Image Scan
	on:
	push:
	branches:
	- "master"
	tags:
	- "v..*"
	pull_request:
	branches:
	- "master"

	jobs:
	docker:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- uses: actions/setup-go@v4
	name: Setup Golang
	with:
	go-version: "1.20"
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v1
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	- name: Build images
	shell: bash
	run: \|
	make docker-build-notest
	- name: Anchore Scanner
	uses: anchore/scan-action@v3
	id: grype-scan
	with:
	image: controller:latest
	fail-build: true
	severity-cutoff: high
	debug: false
	acs-report-enable: true
	- name: Anchore upload scan SARIF report
	if: always()
	uses: github/codeql-action/upload-sarif@v1
	with:
	sarif_file: ${{ steps.grype-scan.outputs.sarif }}
	- name: Trivy Scanner
	uses: aquasecurity/trivy-action@master
	if: ${{ always() }}
	with:
	image-ref: controller:latest
	format: "table"
	exit-code: "42"
	ignore-unfixed: true
	vuln-type: "os,library"
	severity: "CRITICAL,HIGH"
	- name: Dockle Linter
	uses: erzz/[email protected]
	if: ${{ always() }}
	with:
	image: controller:latest
	exit-code: 42
	failure-threshold: fatal

Provide feedback