simplerisk-jammy.yml
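# Pull-request gate for the SimpleRisk image built from the Ubuntu 22.04
# (Jammy) Dockerfile: build the image on the runner, lint it with Dockle,
# then scan it for known vulnerabilities with Grype.
name: Full checkup for SimpleRisk Docker images

on:
  pull_request:
    branches: [master]

# Least privilege: no step below writes to the repository or publishes
# anything, so the job token only needs read access for the checkout.
permissions:
  contents: read

env:
  IMAGE_TAG: "simplerisk/simplerisk:testing"
  CONTEXT_PATH: "simplerisk/"
  DOCKERFILE_PATH: "simplerisk/jammy/Dockerfile"
  DOCKLE_HOST: "unix:///var/run/docker.sock"

jobs:
  simplerisk-minimal-php81:
    name: 'Verify simplerisk/simplerisk image based on Ubuntu 22.04 (Jammy)'
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): every action here is referenced by a mutable version
      # tag. Pinning each `uses:` to a full commit SHA (keeping the tag as a
      # trailing comment) prevents a retagged release from changing what
      # runs in this job.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # The later steps run a Dockerfile taken from the pull request;
          # do not leave the job token in the checked-out git config.
          persist-credentials: false

      # Build only: no `push` is requested, so the image stays on the runner
      # under IMAGE_TAG for the two checks below.
      - name: Build Docker container
        uses: docker/build-push-action@v5
        with:
          context: ${{ env.CONTEXT_PATH }}
          file: ${{ env.DOCKERFILE_PATH }}
          tags: ${{ env.IMAGE_TAG }}

      # Only FATAL-level Dockle findings fail the job; lower levels are
      # reported but do not block the pull request.
      - name: Run linter with Dockle
        uses: erzz/dockle-action@v1
        with:
          image: ${{ env.IMAGE_TAG }}
          failure-threshold: FATAL
          # Reuse the workflow-level value instead of repeating the socket
          # path, so the two cannot drift apart.
          dockle-host: ${{ env.DOCKLE_HOST }}

      # Gate is deliberately narrow: `only-fixed` skips vulnerabilities that
      # have no fixed version yet, and `severity-cutoff: critical` means
      # High and below do not fail the job.
      # NOTE(review): confirm this threshold matches the project's risk
      # appetite; unfixed and High findings need tracking elsewhere.
      - name: Scan vulnerabilities with Grype
        uses: anchore/scan-action@v3
        with:
          image: ${{ env.IMAGE_TAG }}
          only-fixed: true
          severity-cutoff: critical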