Add target to run Clair security analysis on images #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Main push | |
on: | |
push: | |
branches: | |
- main | |
- parodos-dev | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.pull_request.head.sha != '' && github.event.pull_request.head.sha || github.sha }} | |
- uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
- name: Maven Verify | |
run: mvn clean verify | |
- name: Check generated files are up to date | |
run: | | |
if [[ $(git ls-files --others --exclude-standard) ]]; then echo "These files are not tracked by git"; git ls-files --others --exclude-standard; exit 1; fi | |
if [ -n "$(git status --porcelain)" ]; then echo "There are uncommitted changes:"; git status --short; exit 1; fi | |
- name: "Build container images" | |
run: | | |
make build-images GIT_BRANCH=${GITHUB_REF##*/} | |
make tag-images GIT_BRANCH=${GITHUB_REF##*/} | |
- name: Login to Docker Hub | |
uses: docker/login-action@v2 | |
with: | |
registry: "quay.io" | |
username: "parodos-dev+githubpush" | |
password: "${{ secrets.QUAY_GITHUB_TOKEN }}" | |
- name: "Build container images" | |
run: | | |
make push-images GIT_BRANCH=${GITHUB_REF##*/} |