Skip to content

[Snyk] Security upgrade dompurify from 2.2.9 to 2.5.4 #809

[Snyk] Security upgrade dompurify from 2.2.9 to 2.5.4

[Snyk] Security upgrade dompurify from 2.2.9 to 2.5.4 #809

Workflow file for this run

name: Build and Push Container Image
on:
push:
tags:
- "v*.*.*"
branches:
- master
- main
pull_request:
branches:
- master
- main
jobs:
build-push:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Docker app meta
id: meta-app
uses: docker/metadata-action@v3
with:
images: 933237757710.dkr.ecr.eu-west-1.amazonaws.com/app
- name: Docker reverseproxy meta
id: meta-reverseproxy
uses: docker/metadata-action@v3
with:
images: 933237757710.dkr.ecr.eu-west-1.amazonaws.com/nginx
- name: Set up Docker Buildx
id: build-app
uses: docker/setup-buildx-action@v1
- name: Set up Docker Buildx
id: build-reverseproxy
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
if: github.event_name != 'pull_request'
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-west-1
- name: Login to Amazon ECR
id: login-ecr
if: github.event_name != 'pull_request'
uses: aws-actions/amazon-ecr-login@v1
- name: Build and push app
id: docker_build_app
uses: docker/build-push-action@v2
with:
context: .
builder: ${{ steps.build-app.outputs.name }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta-app.outputs.tags }}
labels: ${{ steps.meta-app.outputs.labels }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Build and push reverseproxy
id: docker_build_reverseproxy
uses: docker/build-push-action@v2
with:
context: ./reverseproxy
builder: ${{ steps.build-reverseproxy.outputs.name }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta-reverseproxy.outputs.tags }}
labels: ${{ steps.meta-reverseproxy.outputs.labels }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache