Skip to content

Commit

Permalink
Merge pull request #430 from DaanSelen/main
Browse files Browse the repository at this point in the history
Modified GitHub workflows
  • Loading branch information
DaanSelen authored Oct 22, 2024
2 parents 4546e79 + cfe5977 commit 7861cff
Show file tree
Hide file tree
Showing 4 changed files with 92 additions and 60 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -38,11 +38,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v3

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -53,7 +53,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
uses: github/codeql-action/autobuild@v3

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
Expand All @@ -67,4 +67,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v3
50 changes: 50 additions & 0 deletions .github/workflows/docker-analyze.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
name: Docker-Analyze

on:
schedule:
- cron: "0 0 * * *" # Daily at midnight UTC
workflow_dispatch:
inputs:
trigger-build:
description: 'Trigger a manual build and push'
default: 'true'

env:
DOCKER_IMAGE: dselen/wgdashboard

jobs:
docker_analyze:
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}

- name: Install Docker Scout
run: |
echo "Installing Docker Scout..."
curl -fsSL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh | sh -s --
echo "Docker Scout installed successfully."
- name: Analyze Docker image with Docker Scout
id: analyze-image
run: |
echo "Analyzing Docker image with Docker Scout..."
docker scout cves ${{ env.DOCKER_IMAGE }}:latest > scout-results.txt
cat scout-results.txt
echo "Docker Scout analysis completed."
- name: Fail if critical CVEs are found
run: |
if grep -q "0C" scout-results.txt; then
echo "No critical vulnerabilities found! Continueing."
exit 0
else
echo "At least one critical vulnerabilities found! Exiting."
exit 1
fi
38 changes: 38 additions & 0 deletions .github/workflows/docker-build.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
name: Docker-Build

on:
schedule:
- cron: "0 0 * * *" # Daily at midnight UTC
workflow_dispatch:
inputs:
trigger-build:
description: 'Trigger a manual build and push'
default: 'true'

env:
DOCKER_IMAGE: donaldzou/wgdashboard

jobs:
docker_build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build and export
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ env.DOCKER_IMAGE }}:latest
56 changes: 0 additions & 56 deletions .github/workflows/main.yml

This file was deleted.

0 comments on commit 7861cff

Please sign in to comment.