ci: branch name sanitization for docker
Some checks failed
Build, Package and Push Images / preprocess (push) Successful in 3s
Build, Package and Push Images / build (push) Successful in 27s
Build, Package and Push Images / sbom-scan (push) Successful in 29s
Build, Package and Push Images / container-build (push) Failing after 29s
Build, Package and Push Images / container-sbom-scan (push) Has been skipped
Build, Package and Push Images / sonarqube (push) Successful in 1m25s
parent
364245edcd
commit
f28fa03eda
1 changed files with 27 additions and 4 deletions
|
@ -3,6 +3,15 @@ run-name: ${{ gitea.actor }} is building the Server application
|
|||
on: [ push ]
|
||||
|
||||
jobs:
|
||||
preprocess:
|
||||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
sanitized_branch_name: ${{ steps.sanitize.outputs.sanitized_branch_name }}
|
||||
steps:
|
||||
- name: Sanitize branch name
|
||||
id: sanitize
|
||||
run: echo "::set-output name=sanitized_branch_name::$(echo $BRANCH_NAME | sed 's/\//-/g')"
|
||||
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
@ -17,6 +26,7 @@ jobs:
|
|||
run: |
|
||||
dotnet build Server -c Release
|
||||
# dotnet test Server.Tests -c Release
|
||||
|
||||
sonarqube:
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
|
@ -48,6 +58,7 @@ jobs:
|
|||
- name: Sonarqube End
|
||||
run: |
|
||||
dotnet sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
|
||||
|
||||
sbom-scan:
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
|
@ -77,10 +88,11 @@ jobs:
|
|||
# set projectversion to be the branch name
|
||||
projectVersion: "${{ github.ref_name }}"
|
||||
bomFilename: "${{ github.workspace }}/bom.xml"
|
||||
|
||||
container-build:
|
||||
runs-on: ubuntu-latest
|
||||
container: catthehacker/ubuntu:act-latest
|
||||
needs: build
|
||||
needs: [ build, preprocess ]
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Setup dotnet
|
||||
|
@ -105,10 +117,20 @@ jobs:
|
|||
context: .
|
||||
file: Server/Dockerfile
|
||||
push: true
|
||||
tags: forge.rainote.dev/${{ github.repository }}:${{ github.ref_name }}
|
||||
tags: forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }}
|
||||
platforms: linux/amd64
|
||||
- name: Build and push to latest
|
||||
if: github.ref_name == 'master'
|
||||
uses: docker/build-push-action@v5
|
||||
with:
|
||||
context: .
|
||||
file: Server/Dockerfile
|
||||
push: true
|
||||
tags: forge.rainote.dev/${{ github.repository }}:latest
|
||||
platforms: linux/amd64
|
||||
|
||||
container-sbom-scan:
|
||||
needs: container-build
|
||||
needs: [ container-build, preprocess ]
|
||||
runs-on: ubuntu-latest
|
||||
container: catthehacker/ubuntu:act-latest
|
||||
steps:
|
||||
|
@ -133,7 +155,7 @@ jobs:
|
|||
password: ${{ secrets.REGISTRY_TOKEN }}
|
||||
- name: Generate SBOM
|
||||
run: |
|
||||
docker sbom forge.rainote.dev/${{ github.repository }}:${{ github.ref_name }} --format cyclonedx-json --output bom.json
|
||||
docker sbom forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} --format cyclonedx-json --output bom.json
|
||||
- name: Upload SBOM
|
||||
uses: https://github.com/DependencyTrack/gh-upload-sbom@v2.0.1
|
||||
with:
|
||||
|
@ -144,3 +166,4 @@ jobs:
|
|||
# set projectversion to be the branch name
|
||||
projectVersion: "${{ github.ref_name }}"
|
||||
bomFilename: "${{ github.workspace }}/bom.json"
|
||||
|
||||
|
|
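Review bot: The `Sanitize branch name` step reads `$BRANCH_NAME`, but no `env:` for it is visible on the step or job, so the output is probably empty and the tag becomes `forge.rainote.dev/<repo>:`, which would match the failing container-build check. Even with the variable set, `sed 's/\//-/g'` replaces only `/`, while a Docker tag accepts only `[A-Za-z0-9_.-]`, and the result is later expanded by `${{ … }}` straight into the `docker sbom` `run:` script, so other characters from a branch name reach the shell as script text. I would set the variable from `github.ref_name`, map everything outside the tag alphabet to `-`, write the output through `$GITHUB_OUTPUT` instead of the deprecated `::set-output`, and hand the tag to the `run:` step via `env:` with quoting. A workflow-level `env:` may exist above the first hunk, which starts at line 3, so confirm that before changing the step.

```yaml
      - name: Sanitize branch name
        id: sanitize
        env:
          BRANCH_NAME: ${{ github.ref_name }}
        run: |
          tag="$(printf '%s' "$BRANCH_NAME" | tr -c 'A-Za-z0-9_.-' '-')"
          echo "sanitized_branch_name=$tag" >> "$GITHUB_OUTPUT"

  # … unchanged: build, sonarqube, sbom-scan, container-build jobs …

      - name: Generate SBOM
        env:
          IMAGE_REPO: ${{ github.repository }}
          IMAGE_TAG: ${{ needs.preprocess.outputs.sanitized_branch_name }}
        run: |
          docker sbom "forge.rainote.dev/${IMAGE_REPO}:${IMAGE_TAG}" --format cyclonedx-json --output bom.json
```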