Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix CI to push releases to Docker Hub #4972

Merged
merged 1 commit into from
Jan 30, 2025
Merged

Fix CI to push releases to Docker Hub #4972

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 15 additions & 30 deletions .github/workflows/dockerhub-push.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,11 @@ name: HMDA Docker Hub Image Push

on:
push:
branches:
- master
tags:
- '*' # Push events to every tag not containing /

env:
REGISTRY: hmda/hmda-platform

jobs:
push_to_dockerhub:
Expand All @@ -14,39 +17,21 @@ jobs:
- name: Check out the repo
uses: actions/checkout@v4

- name: Log in to Docker Hub
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Setup sbt launcher
uses: sbt/setup-sbt@v1

- name: Build image of HMDA Platform only
run: |
sbt -batch clean hmda-platform/docker:publishLocal
continue-on-error: true
sbt "project hmda-platform" dockerPublishLocalSkipTests

- name: Tag Docker image
run: docker tag $(docker images --filter=reference="hmda/hmda-platform:latest" --format "{{.ID}}") ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest

- name: Push image to Docker Hub
run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest
run: docker tag $(docker images --filter=reference="hmda/hmda-platform:latest" --format "{{.ID}}") ${{ env.REGISTRY }}:${{ github.ref_name }}

- name: Run Docker Scout CVE scan
if: ${{ github.event_name != 'pull_request_target' }}
uses: docker/scout-action@v1
with:
command: cves
image: ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest
sarif-file: sarif.output.json
summary: true

- name: Upload CVE scan to artifact
if: ${{ github.event_name != 'pull_request_target' }}
uses: github/codeql-action/upload-sarif@v2
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
sarif_file: sarif.output.json
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Post comment with report link
uses: thollander/actions-comment-pull-request@v3
with:
message: CVE scan report generated by Docker Scout are available. Check the Actions tab to download the report.
- name: Push image to Docker Hub
run: docker push ${{ env.REGISTRY }}:${{ github.ref_name }}
Loading