[pre-commit.ci] pre-commit autoupdate #20

Workflow file for this run

	name: ci

	concurrency:
	group: ${{ github.event_name }}-${{ github.ref_name }}
	cancel-in-progress: ${{ !startsWith(github.ref, 'refs/tags/') }}

	on:
	pull_request:
	branches:
	- main
	push:
	branches:
	- main
	tags:
	- "*"

	env:
	IMAGE_REPOSITORY: licenseware/logblocks
	IMAGE_REGISTRY: ghcr.io
	PYTHON_VERSION: "3.12"

	jobs:
	build-docker-pr:
	if: github.event_name == 'pull_request'
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Login to Docker Container Registry
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}
	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	password: ${{ secrets.GITHUB_TOKEN }}
	registry: ghcr.io
	username: ${{ github.actor }}
	- id: meta
	name: Docker metadata
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}
	- name: Build and push
	uses: docker/build-push-action@v5
	with:
	cache-from: type=gha
	cache-to: type=gha,mode=max
	labels: ${{ steps.meta.outputs.labels }}
	platforms: linux/amd64
	push: true
	tags: \|
	${{ steps.meta.outputs.tags }}
	${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}:${{ github.run_id }}
	- if: contains(github.event.pull_request.labels.*.name, 'check-cves')
	name: Docker Scout - cves
	uses: docker/scout-action@v1
	with:
	command: cves
	ignore-unchanged: true
	image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}:${{ github.run_id }}
	only-fixed: true
	only-severities: medium,high,critical
	sarif-file: sarif.output.json
	summary: true
	- if: contains(github.event.pull_request.labels.*.name, 'check-cves')
	name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	if-no-files-found: warn
	name: scout-results
	path: sarif.output.json


	build-docker-edge:
	if: github.event_name == 'push' && github.ref == 'refs/heads/main'
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Login to Docker Container Registry
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}
	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	password: ${{ secrets.GITHUB_TOKEN }}
	registry: ghcr.io
	username: ${{ github.actor }}
	- id: meta
	name: Docker metadata
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}
	- name: Build and push
	uses: docker/build-push-action@v5
	with:
	cache-from: type=gha
	cache-to: type=gha,mode=max
	labels: ${{ steps.meta.outputs.labels }}
	platforms: linux/amd64
	push: true
	tags: \|
	${{ steps.meta.outputs.tags }}
	${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}:${{ github.run_id }}
	${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}:latest
	- name: Docker Scout - cves
	uses: docker/scout-action@v1
	with:
	command: cves
	ignore-unchanged: true
	image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}:${{ github.run_id }}
	only-fixed: true
	only-severities: medium,high,critical
	sarif-file: sarif.output.json
	summary: true
	- name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	if-no-files-found: warn
	name: scout-results
	path: sarif.output.json

	build-docker-stable:
	if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Login to Docker Container Registry
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}
	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	password: ${{ secrets.GITHUB_TOKEN }}
	registry: ghcr.io
	username: ${{ github.actor }}
	- id: meta
	name: Docker metadata
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}
	- name: Build and push
	uses: docker/build-push-action@v5
	with:
	cache-from: type=gha
	cache-to: type=gha,mode=max
	labels: ${{ steps.meta.outputs.labels }}
	platforms: linux/amd64
	push: true
	tags: \|
	${{ steps.meta.outputs.tags }}
	${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}:${{ github.ref_name }}
	- name: Docker Scout - cves
	uses: docker/scout-action@v1
	with:
	command: cves
	ignore-unchanged: true
	image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_REPOSITORY }}:${{ github.ref_name }}
	only-fixed: true
	only-severities: medium,high,critical
	sarif-file: sarif.output.json
	summary: true
	- name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	if-no-files-found: warn
	name: scout-results
	path: sarif.output.json

	publish-pypi:
	if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: ${{ env.PYTHON_VERSION }}
	- env:
	PACKAGE_VERSION: ${{ github.ref_name }}
	name: Prepare
	run: pip install wheel setuptools && python setup.py sdist bdist_wheel
	- name: Publish PyPi
	uses: pypa/gh-action-pypi-publish@release/v1
	with:
	password: ${{ secrets.PYPI_API_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pre-commit.ci] pre-commit autoupdate #20

Workflow file

[pre-commit.ci] pre-commit autoupdate #20

Jobs

Run details

Workflow file for this run