Skip to content

docs: added information on Image Visibility to the OpenStack docs #7

docs: added information on Image Visibility to the OpenStack docs

docs: added information on Image Visibility to the OpenStack docs #7

Workflow file for this run

name: Validate on Pull Request
on:
workflow_dispatch:
pull_request:
types: [ opened, reopened, synchronize ]
jobs:
lint:
name: Lint files
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: '1.21.1'
- name: golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: latest
skip-cache: true
args: --timeout=30m
test:
name: Run tests
runs-on: 'ubuntu-22.04'
needs: lint
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: '1.21.1'
- run: go test -v -cover ./...
security-checks:
runs-on: ubuntu-22.04
needs: test
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Get Branch Name
shell: bash
run: |
echo "branch_name=${{ github.event.pull_request.head.ref }}" >> "$GITHUB_ENV"
- name: Build Local Baski Image
uses: drewbernetes/[email protected]
id: build-and-scan-baski
with:
image-repo: "registry.hudson-viles.uk/public"
repo-username: ${{ secrets.REGISTRY_PUBLIC_USER }}
repo-password: ${{ secrets.REGISTRY_PUBLIC_PASSWORD }}
image-name: baski
image-tag: ${{ env.branch_name }}
check-severity: CRITICAL
trivyignore-from-s3: true
s3-endpoint: "https://api.s3.hudson-viles.uk/"
s3-access-key: ${{secrets.S3_ACCESS_KEY}}
s3-secret-key: ${{secrets.S3_SECRET_KEY}}
s3-bucket: "trivyignores"
s3-path: "baski"
add-latest-tag: false
publish-image: false
cosign-private-key: ${{secrets.COSIGN_KEY}}
cosign-password: ${{secrets.COSIGN_PASSWORD}}
cosign-tlog: false
dockerfile-path: docker/baski
- name: Build Local Baski Server Image
uses: drewbernetes/[email protected]
id: build-and-scan-server
with:
image-repo: "registry.hudson-viles.uk/public"
repo-username: ${{ secrets.REGISTRY_PUBLIC_USER }}
repo-password: ${{ secrets.REGISTRY_PUBLIC_PASSWORD }}
image-name: baski-server
image-tag: ${{ env.branch_name }}
check-severity: CRITICAL
trivyignore-from-s3: true
s3-endpoint: "https://api.s3.hudson-viles.uk/"
s3-access-key: ${{secrets.S3_ACCESS_KEY}}
s3-secret-key: ${{secrets.S3_SECRET_KEY}}
s3-bucket: "trivyignores"
s3-path: "baski-server"
add-latest-tag: false
publish-image: false
cosign-private-key: ${{secrets.COSIGN_KEY}}
cosign-password: ${{secrets.COSIGN_PASSWORD}}
cosign-tlog: false
dockerfile-path: docker/server