Fs 4573 stop form runner (#552) #462
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Anchore scan | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - master | |
| paths-ignore: | |
| - "python/**" | |
| workflow_dispatch: | |
| env: | |
| IMAGE_NAME_STUB: "digital-form-builder-dluhc-" | |
| jobs: | |
| designer-scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Docker compose pull | |
| run: docker-compose pull | |
| - name: Docker layer caching | |
| uses: satackey/[email protected] | |
| continue-on-error: true | |
| with: | |
| # Layers are cached by keys | |
| # docker-layer-caching action has an issue which causes layers to dangle, | |
| # and this will eventually build up and increase pull time significantly | |
| # see https://github.com/satackey/action-docker-layer-caching/issues/55 | |
| # ATM solution is to change keys periodically to avoid the dangling layers | |
| # for that just increase the number you see in key and restore-keys below (same number in both keys). | |
| key: digital-form-builder-2-{hash} | |
| restore-keys: | | |
| digital-form-builder-2 | |
| - name: Docker compose build | |
| run: | | |
| LAST_TAG='${{ github.run_number }}-rc' | |
| LAST_COMMIT='${{ github.sha }}' | |
| docker-compose build | |
| - name: Scan image | |
| uses: anchore/scan-action@v2 | |
| with: | |
| image: "${{ env.IMAGE_NAME_STUB }}designer:latest" | |
| fail-build: false | |
| severity-cutoff: critical | |
| - name: Upload artifact | |
| uses: actions/[email protected] | |
| if: ${{ success() || failure() }} | |
| with: | |
| name: AnchoreReports-Designer | |
| path: vulnerabilities.json | |
| runner-scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Docker compose pull | |
| run: docker-compose pull | |
| - name: Docker layer caching | |
| uses: satackey/[email protected] | |
| continue-on-error: true | |
| with: | |
| # Layers are cached by keys | |
| # docker-layer-caching action has an issue which causes layers to dangle, | |
| # and this will eventually build up and increase pull time significantly | |
| # see https://github.com/satackey/action-docker-layer-caching/issues/55 | |
| # ATM solution is to change keys periodically to avoid the dangling layers | |
| # for that just increase the number you see in key and restore-keys below (same number in both keys). | |
| key: digital-form-builder-2-{hash} | |
| restore-keys: | | |
| digital-form-builder-2 | |
| - name: Docker compose build | |
| run: | | |
| LAST_TAG='${{ github.run_number }}-rc' | |
| LAST_COMMIT='${{ github.sha }}' | |
| docker-compose build | |
| - name: Scan image | |
| uses: anchore/scan-action@v2 | |
| with: | |
| image: "${{ env.IMAGE_NAME_STUB }}runner:latest" | |
| acs-report-enable: true | |
| fail-build: false | |
| severity-cutoff: critical | |
| - name: Upload artifact | |
| uses: actions/[email protected] | |
| if: ${{ success() || failure() }} | |
| with: | |
| name: AnchoreReports-Runner | |
| path: vulnerabilities.json |