This repository has been archived by the owner on Sep 20, 2024. It is now read-only.
chore: bump trivy 0.45.0 (#376) #497
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build | |
on: | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- '*.md' | |
- 'docs/**' | |
- 'LICENSE' | |
- 'NOTICE' | |
pull_request: | |
paths-ignore: | |
- '*.md' | |
- 'docs/**' | |
- 'LICENSE' | |
- 'NOTICE' | |
# Disable permissions granted to the GITHUB_TOKEN for all the available scopes. | |
permissions: {} | |
# Cancel any in-flight jobs for the same PR branch so there's only one active at a time. | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Setup Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.20.5 | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: yaml-lint | |
uses: ibiqlik/action-yamllint@v3 | |
- name: Setup make | |
run: make setup | |
- name: Run linter | |
run: make lint | |
- name: Run unit tests | |
run: make test | |
- name: Run integration tests | |
run: make test-integration | |
- name: Run component tests | |
run: make test-component | |
- name: Release snapshot | |
uses: goreleaser/goreleaser-action@v4 | |
with: | |
version: v1.9.2 | |
args: release --snapshot --skip-publish --rm-dist | |
- name: Scan image for vulnerabilities | |
uses: aquasecurity/trivy-action@master | |
with: | |
image-ref: "docker.io/aquasec/harbor-scanner-trivy:${{ github.sha }}" | |
severity: "CRITICAL" | |
exit-code: "1" |