Skip to content

Create SECURITY.md

Create SECURITY.md #76

Workflow file for this run

name: Push Multiarch Images
on:
pull_request:
push:
branches:
- main
jobs:
build-and-push-arch-specifics:
name: Build Rocks and Push Arch Specific Images
uses: canonical/k8s-workflows/.github/workflows/build_rocks.yaml@main
with:
owner: ${{ github.repository_owner }}
trivy-image-config: "trivy.yaml"
multiarch-awareness: true
cache-action: ${{ (github.event_name == 'push') && 'save' || 'restore' }}
rockcraft-revisions: '{"amd64": "1783", "arm64": "1784"}'
arch-skipping-maximize-build-space: '["arm64"]'
platform-labels: '{"arm64": ["Ubuntu_ARM64_4C_16G_01"]}'
scan-images:
uses: canonical/k8s-workflows/.github/workflows/scan_images.yaml@main
needs: [build-and-push-arch-specifics]
secrets: inherit
with:
upload-result: ${{ github.event_name == 'push' }}
images: ${{ needs.build-and-push-arch-specifics.outputs.images }}
trivy-image-config: ./trivy.yaml
build-and-push-multiarch-manifest:
name: Combine Rocks and Push Multiarch Manifest
uses: canonical/k8s-workflows/.github/workflows/assemble_multiarch_image.yaml@main
needs: [build-and-push-arch-specifics]
if: ${{ needs.build-and-push-arch-specifics.outputs.changed-rock-metas != '[]' }}
with:
rock-metas: ${{ needs.build-and-push-arch-specifics.outputs.changed-rock-metas }}
dry-run: ${{ github.event_name != 'push' }}