Skip to content

fix cve CVE-2023-48795, CVE-2023-39325, CVE-2023-3978, CVE-2023-44487 #35

fix cve CVE-2023-48795, CVE-2023-39325, CVE-2023-3978, CVE-2023-44487

fix cve CVE-2023-48795, CVE-2023-39325, CVE-2023-3978, CVE-2023-44487 #35

Workflow file for this run

name: ci
on:
push:
branches:
- 'main'
- 'dev'
pull_request:
branches: [ "main" ]
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Get registry tags
shell: bash
run: |
GIT_BRANCH="${GITHUB_REF_NAME}"
if [ "${GITHUB_REF}" == "refs/pull/"*"/merge" ]; then
GIT_BRANCH="pr-$(echo ${GITHUB_REF} | sed 's|refs/pull/(.*)/merge|\1|g')-${GITHUB_SHA:0:8}"
fi
if [ "${GITHUB_REF}" == "refs/remotes/pull/"*"/merge" ]; then
GIT_BRANCH="pr-$(echo ${GITHUB_REF} | sed 's|refs/remotes/pull/(.*)/merge|\1|g')-${GITHUB_SHA:0:8}"
fi
GIT_BRANCH=$(echo "${GIT_BRANCH}" | tr '/' '-')
echo "GIT_BRANCH=${GIT_BRANCH}" >> $GITHUB_ENV
REGISTRY_TAGS="${REGISTRY}/${IMAGE_NAME}:${GIT_BRANCH}"
if [ "${GIT_BRANCH}" == "main" ]; then
REGISTRY_TAGS="${REGISTRY_TAGS},${REGISTRY}/${IMAGE_NAME}:latest"
fi
echo "REGISTRY_TAGS=${REGISTRY_TAGS}" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ env.REGISTRY_TAGS }}