Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Push Docker Image For nginx-utils Container | |
| permissions: | |
| contents: read | |
| packages: write | |
| actions: write | |
| on: | |
| release: | |
| types: [created] | |
| env: | |
| RELEASE_VERSION: ${{ github.event.release.tag_name }} | |
| jobs: | |
| run-on-release: | |
| if: endsWith(github.event.release.tag_name, '-docker') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Set Release Version | |
| run: echo "RELEASE_VERSION=${RELEASE_VERSION%-docker}" >> $GITHUB_ENV | |
| - name: Starting Release Build | |
| run: echo "Starting Release Build for ${RELEASE_VERSION}" | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: List repository files | |
| run: ls -R .; pwd | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3.11.1 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3.5.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6.18.0 | |
| with: | |
| context: . | |
| file: nginx-utils/Dockerfile | |
| push: true | |
| platforms: linux/amd64,linux/arm64 | |
| tags: | | |
| ghcr.io/nginx/nginx-utils:${{ env.RELEASE_VERSION }} | |
| ghcr.io/nginx/nginx-utils:latest | |
| - name: Install Trivy and scan image for vulnerabilities | |
| uses: aquasecurity/trivy-action@0.33.1 | |
| with: | |
| image-ref: ghcr.io/${{ github.repository_owner }}/nginx-utils:latest | |
| format: json | |
| output: vuln-report.json | |
| - name: Upload Vulnerability Report | |
| uses: actions/upload-artifact@v4.6.2 | |
| with: | |
| name: vuln-report | |
| path: vuln-report.json | |
| - name: Update Release Notes with Docker Image Info | |
| uses: softprops/action-gh-release@v2.3.2 | |
| with: | |
| tag_name: ${{ github.event.release.tag_name }} | |
| body: | | |
| ## Docker Image | |
| The Docker image for this release can be pulled using: | |
| ``` | |
| docker pull ghcr.io/${{ github.repository_owner }}/nginx-utils:${{ github.event.release.tag_name }} | |
| ``` | |
| Or use the `latest` tag: | |
| ``` | |
| docker pull ghcr.io/${{ github.repository_owner }}/nginx-utils:latest | |
| ``` |