Skip to content

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 #282

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 #282

---
# Inspired by: https://github.com/github/super-linter/blob/main/.github/workflows/deploy-production.yml
name: Deploy Production
on:
push:
branches: [ main ]
env:
REGISTRY: ghcr.io
permissions:
contents: read
jobs:
build:
name: Deploy Docker Image - Development
runs-on: ubuntu-latest
permissions:
deployments: write
packages: write
strategy:
fail-fast: false
matrix:
images:
- container-image-id-prefix: ""
deployment-environment-identifier: Production
image-id: production
timeout-minutes: 60
steps:
- name: Repository checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
- name: Get current date
run: |
echo "Appending the build date contents to GITHUB_ENV..."
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}"
- name: Setup BuildX
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
- name: Login to GitHub Container Registry
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Start deployment
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0
id: deployment
with:
step: start
token: ${{ secrets.GITHUB_TOKEN }}
env: ${{ matrix.images.deployment-environment-identifier }}
- name: Build Docker image - ${{ matrix.images.image-id }}
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
file: ./Dockerfile
build-args: |
BUILD_DATE=${{ env.BUILD_DATE }}
BUILD_REVISION=${{ github.sha }}
BUILD_VERSION=${{ github.sha }}
load: false
push: true
tags: |
${{env.REGISTRY }}/${{ github.repository }}:${{ matrix.images.container-image-id-prefix }}latest
- name: Update deployment status
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0
with:
step: finish
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status }}
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
env: ${{ steps.deployment.outputs.env }}
env_url: https://github.com/${{ github.repository }}