mirror of
https://github.com/cloudnative-pg/plugin-barman-cloud.git
synced 2026-01-11 21:23:12 +01:00
63 lines
1.6 KiB
YAML
63 lines
1.6 KiB
YAML
name: Barman Base Image
|
|
on:
|
|
pull_request:
|
|
workflow_dispatch:
|
|
schedule:
|
|
- cron: "0 0 * * 0"
|
|
|
|
env:
|
|
IMAGE_NAME: "ghcr.io/cloudnative-pg/plugin-barman-cloud-base"
|
|
PLATFORMS: "linux/amd64,linux/arm64"
|
|
|
|
permissions:
|
|
contents: write
|
|
packages: write
|
|
security-events: write
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v5
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
with:
|
|
platforms: ${{ env.PLATFORMS }}
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Log in to the GitHub Container registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build Docker Image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
platforms: ${{ env.PLATFORMS }}
|
|
context: .
|
|
file: ./containers/Dockerfile.barmanbase
|
|
push: true
|
|
tags: ${{ env.IMAGE_NAME }}:latest
|
|
|
|
- name: Run Snyk to check Docker image for vulnerabilities
|
|
uses: snyk/actions/docker@master
|
|
continue-on-error: true
|
|
env:
|
|
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
|
with:
|
|
image: "${{ env.IMAGE_NAME }}:latest"
|
|
args: --severity-threshold=high --file=./containers/Dockerfile.barmanbase
|
|
|
|
- name: Upload result to GitHub Code Scanning
|
|
uses: github/codeql-action/upload-sarif@v3
|
|
with:
|
|
sarif_file: snyk.sarif
|