from tx-repo

eclipse-tractusx · Feb 29, 2024 · 7c09434 · 7c09434
1 parent 87b7d53
commit 7c09434
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 44 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -1,22 +1,23 @@
-#################################################################################
-# Copyright (c) 2022,2023 T-Systems International GmbH
-# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
-#
-# See the NOTICE file(s) distributed with this work for additional
-# information regarding copyright ownership.
-#
-# This program and the accompanying materials are made available under the
-# terms of the Apache License, Version 2.0 which is available at
-# https://www.apache.org/licenses/LICENSE-2.0.
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-################################################################################
+#*******************************************************************************
+#* Copyright (c) 2022, 2023 T-Systems International GmbH
+#* Copyright (c) 2022, 2023 Contributors to the Eclipse Foundation
+#*
+#* See the NOTICE file(s) distributed with this work for additional
+#* information regarding copyright ownership.
+#*
+#* This program and the accompanying materials are made available under the
+#* terms of the Apache License, Version 2.0 which is available at
+#* https://www.apache.org/licenses/LICENSE-2.0.
+#*
+#* Unless required by applicable law or agreed to in writing, software
+#* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#* License for the specific language governing permissions and limitations
+#* under the License.
+#*
+#* SPDX-License-Identifier: Apache-2.0
+#********************************************************************************
+
 
 name: build
 
@@ -36,10 +37,11 @@ on:
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
-
 env:
-  IMAGE_NAMESPACE: "tractusx"
-  IMAGE_NAME: "managed-service-orchestrator"
+  REGISTRY: ghcr.io
+  IMAGE_NAME: catenax-ng/product-autosetup-backend/autosetup
+  # Allows you to run this workflow manually from the Actions tab
+
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
@@ -61,9 +63,7 @@ jobs:
         uses: docker/metadata-action@v4
         with:
           images: |
-            ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
-          # Automatically prepare image tags; See action docs for more examples. 
-          # semver patter will generate tags like these for example :1 :1.2 :1.2.3
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           tags: |
             type=ref,event=branch
             type=ref,event=pr
@@ -73,31 +73,18 @@ jobs:
           flavor: |
               latest=true
 
-      - name: DockerHub login
+      - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
         uses: docker/login-action@v2
         with:
-          # Use existing DockerHub credentials present as secrets
-          username: ${{ secrets.DOCKER_HUB_USER }}
-          password: ${{ secrets.DOCKER_HUB_TOKEN }}
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build and push
         uses: docker/build-push-action@v3
         with:
           context: .
-          # Build image for verification purposes on every trigger event. Only push if event is not a PR
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-
-      # https://github.com/peter-evans/dockerhub-description
-      # Important step to push image description to DockerHub 
-      - name: Update Docker Hub description
-        if: github.event_name != 'pull_request'
-        uses: peter-evans/dockerhub-description@v3
-        with:
-        # readme-filepath defaults to toplevel README.md, Only necessary if you have a dedicated file with your 'Notice for docker images'   
-        # readme-filepath: path/to/dedicated/notice-for-docker-image.md 
-          username: ${{ secrets.DOCKER_HUB_USER }}
-          password: ${{ secrets.DOCKER_HUB_TOKEN }}
-          repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -43,7 +43,7 @@ jobs:
         uses: aquasecurity/[email protected]
         with:
           # Path to Docker image
-          image-ref: "tractusx/managed-service-orchestrator:latest"
+          image-ref: "ghcr.io/catenax-ng/product-autosetup-backend/autosetup:latest"
           format: "sarif"
           output: "trivy-results.sarif"
           vuln-type: "os,library"

diff --git a/.github/workflows/veracode.yaml b/.github/workflows/veracode.yaml
@@ -52,7 +52,7 @@ jobs:
       - name: Run Veracode Upload And Scan
         uses: veracode/[email protected]
         with:
-          appname: "DFT AutoSetup"
+          appname: "AutoSetup"
           createprofile: false
           filepath: "./target/*.jar"
           vid: "${{ secrets.VERACODE_API_ID }}"