Merge pull request #19 from Steavy/development #12

Workflow file for this run

.github/workflows/release.yml at 8125082

	name: Release

	on:
	push:
	branches: [ main, development ]

	jobs:
	deploy:

	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v3
	- run: docker build . -t ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app
	- run: echo "${{secrets.DOCKERHUB_PASSWORD}}" \| docker login -u ${{secrets.DOCKERHUB_USERNAME}} --password-stdin
	- run: docker push ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app


	snyk_image_scanning:
	# permissions:
	# id-token: read
	# contents: read
	# packages: read
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v2
	- name: Build the Docker image
	run: docker build -t ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app .
	- name: Run Snyk to check Docker image for vulnerabilities
	# Snyk can be used to break the build when it detects vulnerabilities.
	# In this case we want to upload the issues to GitHub Code Scanning
	continue-on-error: true
	uses: snyk/actions/docker@master
	env:
	# In order to use the Snyk Action you will need to have a Snyk API token.
	# More details in https://github.com/snyk/actions#getting-your-snyk-token
	# or you can signup for free at https://snyk.io/login
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	image: ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app
	args: --file=Dockerfile --exclude-base-image-vulns
	#- name: Upload result to GitHub Code Scanning
	# uses: github/codeql-action/upload-sarif@v1
	# with:
	# sarif_file: snyk.sarif
	- name: Upload Snyk report as sarif 📦
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: snyk.sarif

	# steps:
	# - name: Checkout 🛎️
	# uses: actions/checkout@v2

	# - name: Log in to the Container registry 📦
	# uses: docker/login-action@v2
	# with:
	# registry: ${{ env.GITHUB_REGISTRY }}
	# username: ${{ github.actor }}
	# password: ${{ secrets.GITHUB_TOKEN }}

	# - name: Scan Docker image 🐳
	# uses: snyk/actions/docker@master
	# continue-on-error: true
	# with:
	# image: ${{ env.GITHUB_REGISTRY }}/${{ env.GITHUB_REPOSITORY }}:${{ env.DOCKER_IMAGE_TAG }}
	# args: --file=Dockerfile --severity-threshold=high --sarif-file-output=snyk.sarif
	# env:
	# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

	# - name: Upload Snyk report as sarif 📦
	# uses: github/codeql-action/upload-sarif@v2
	# with:
	# sarif_file: snyk.sarif

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #19 from Steavy/development #12

Workflow file

Merge pull request #19 from Steavy/development #12

Jobs

Run details

Workflow file for this run