Skip to content

Snyk take2

Snyk take2 #329

Workflow file for this run

name: Publish Docker image
on:
release:
types: [published]
push:
branches:
- main
pull_request:
branches:
- main
schedule:
- cron: '0 21 * * 0' # run Sundays at 21
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
changes:
runs-on: ubuntu-latest
permissions:
pull-requests: read
outputs:
images: ${{ steps.filter.outputs.changes }}
steps:
- name: Check out the repo
uses: actions/checkout@v4.2.0
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
code-server: "code-server/**"
rstudio: "rstudio/**"
base-r: "base-r/**"
dev: "dev/**"
deformitet-dev: "deformitet-dev/**"
norgast-dev: "norgast-dev/**"
nnrr-dev: "nnrr-dev/**"
nra-dev: "nra-dev/**"
norspis-dev: "norspis-dev/**"
muskel-dev: "muskel-dev/**"
smerte-dev: "smerte-dev/**"
ablanor-dev: "ablanor-dev/**"
noric-dev: "noric-dev/**"
rapregtemplate-dev: "rapregtemplate-dev/**"
base-r-alpine: "base-r-alpine/**"
push_to_registries:
needs: changes
if: ${{ needs.changes.outputs.images != '[]' && needs.changes.outputs.images != '' }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
image: ${{ fromJSON(needs.changes.outputs.images) }}
name: ${{ matrix.image }}
steps:
- name: Check out the repo
uses: actions/checkout@v4.2.0
- name: Lint Dockerfile
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: "${{ matrix.image }}/Dockerfile"
- name: Prepare tags
id: docker_meta
uses: docker/metadata-action@v5.5.1
with:
images: rapporteket/${{ matrix.image }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=schedule,pattern=weekly
type=semver,pattern={{version}}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3.6.1
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3.3.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push to Docker Hub
uses: docker/build-push-action@v6.9.0
with:
context: ./${{ matrix.image }}/.
file: ./${{ matrix.image }}/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max