Skip to content

Release v2.6.0 (#71) #7

Release v2.6.0 (#71)

Release v2.6.0 (#71) #7

Workflow file for this run

name: Publish
on:
push:
branches:
- develop
- dev-[0-9]+.[0-9]+.[0-9]+
tags:
- v*
workflow_dispatch:
env:
REGISTRY: ghcr.io
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Setup node
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
cache: npm
- name: Install Dev Dependencies and Build
run: |
npm install
npm run build
- name: Install Production Dependencies
run: |
rm -rf node_modules
npm install --only=production
- name: Login to the Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract Metadata (tags and labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ github.repository }}
- name: Build Docker Image
uses: docker/build-push-action@v5
with:
context: .
load: true
tags: ${{ env.REGISTRY }}/nasa-ammos/aerie-gateway:${{ github.sha }}
- name: Scan Docker image
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ env.REGISTRY }}/nasa-ammos/aerie-gateway:${{ github.sha }}
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL'
- name: Push Docker Image
uses: docker/build-push-action@v5
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}