Skip to content

Commit

Permalink
ci: halt failing release (OT-CONTAINER-KIT#794)
Browse files Browse the repository at this point in the history
Signed-off-by: Shubham Gupta <[email protected]>
Signed-off-by: wkd-woo <[email protected]>
  • Loading branch information
shubham-cmyk authored and wkd-woo committed Mar 4, 2024
1 parent 7cbd864 commit 4186975
Showing 1 changed file with 65 additions and 65 deletions.
130 changes: 65 additions & 65 deletions .github/workflows/release-images.yaml
Original file line number Diff line number Diff line change
@@ -1,74 +1,74 @@
name: Release container images
# name: Release container images

on:
pull_request:
types: [closed]
branches:
- master
# on:
# pull_request:
# types: [closed]
# branches:
# - master

env:
APPLICATION_NAME: redis-operator
QuayImageName: quay.io/opstree/redis-operator
APP_VERSION: "v0.15.2"
DOCKERFILE_PATH: './Dockerfile'
# env:
# APPLICATION_NAME: redis-operator
# QuayImageName: quay.io/opstree/redis-operator
# APP_VERSION: "v0.15.2"
# DOCKERFILE_PATH: './Dockerfile'

jobs:
release_image:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
environment: release-image
steps:
- name: Checkout
uses: actions/checkout@v2
# jobs:
# release_image:
# if: github.event.pull_request.merged == true
# runs-on: ubuntu-latest
# environment: release-image
# steps:
# - name: Checkout
# uses: actions/checkout@v2

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
# - name: Set up Docker Buildx
# uses: docker/setup-buildx-action@v2

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v3

- name: Login to Quay.io
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
# - name: Login to Quay.io
# uses: docker/login-action@v3
# with:
# registry: quay.io
# username: ${{ secrets.QUAY_USERNAME }}
# password: ${{ secrets.QUAY_PASSWORD }}

- name: Build and push multi-arch latest image
uses: docker/build-push-action@v2
with:
context: .
file: ${{ env.DOCKERFILE_PATH }}
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ env.QuayImageName }}:${{ env.APP_VERSION }}, ${{ env.QuayImageName }}:latest
# - name: Build and push multi-arch latest image
# uses: docker/build-push-action@v2
# with:
# context: .
# file: ${{ env.DOCKERFILE_PATH }}
# platforms: linux/amd64,linux/arm64
# push: true
# tags: ${{ env.QuayImageName }}:${{ env.APP_VERSION }}, ${{ env.QuayImageName }}:latest

trivy_scan:
needs: [release_image]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Run Trivy vulnerability scanner for arm64 image
uses: aquasecurity/trivy-action@master
# trivy_scan:
# needs: [release_image]
# runs-on: ubuntu-latest
# steps:
# - name: Checkout
# uses: actions/checkout@v2
# - name: Run Trivy vulnerability scanner for arm64 image
# uses: aquasecurity/trivy-action@master

- name: Run Trivy vulnerability scanner for multi-arch image
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ env.QuayImageName }}:${{ env.APP_VERSION }}
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results-latest.sarif'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
- name: Run Trivy vulnerability scanner for latest image
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ env.QuayImageName }}:latest
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results-latest.sarif'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
# - name: Run Trivy vulnerability scanner for multi-arch image
# uses: aquasecurity/trivy-action@master
# with:
# image-ref: ${{ env.QuayImageName }}:${{ env.APP_VERSION }}
# format: 'template'
# template: '@/contrib/sarif.tpl'
# output: 'trivy-results-latest.sarif'
# exit-code: '1'
# ignore-unfixed: true
# severity: 'CRITICAL,HIGH'
# - name: Run Trivy vulnerability scanner for latest image
# uses: aquasecurity/trivy-action@master
# with:
# image-ref: ${{ env.QuayImageName }}:latest
# format: 'template'
# template: '@/contrib/sarif.tpl'
# output: 'trivy-results-latest.sarif'
# exit-code: '1'
# ignore-unfixed: true
# severity: 'CRITICAL,HIGH'

0 comments on commit 4186975

Please sign in to comment.