almalinux/.gitea/workflows/almalinux9.yaml


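# Builds the AlmaLinux 9 container images (default and micro flavors), pushes
# them to quay.io/sindigilive/almalinux and scans the pushed tags with Trivy.
# Runs on every push to master.
#
# NOTE(review): every `uses:` reference below is a mutable tag (@v4, @v5, @v2,
# @0.20.0). These steps run in a job that receives secrets.QUAY_SECRET, so a
# re-pointed tag would execute with registry push credentials. Prefer pinning
# each action to a full commit SHA (`uses: owner/action@<full-commit-sha>`).
name: Build and push Almalinux 9 container images
on:
  push:
    branches:
      - master
jobs:
  build:
    name: Build almalinux9 container images
    runs-on: ubuntu-latest
    container:
      # NOTE(review): `act-latest` is a floating tag on a third-party runner
      # image; pinning by digest (`image@sha256:<digest>`) keeps the build
      # environment reproducible and reviewable.
      image: ghcr.io/catthehacker/ubuntu:act-latest
    strategy:
      matrix:
        flavor: ["default", "micro"]
        # Quoted so the version stays a string instead of being read as a float.
        version: ["9.5"]
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4

      # --- default flavor: tagged with the bare version -----------------------
      - if: ${{ matrix.flavor == 'default' }}
        name: Build almalinux default image
        uses: redhat-actions/build-push-action@v5
        with:
          context: .
          containerfiles: |
            9/Containerfile.${{ matrix.flavor }}
          build-args: |
            ALMALINUX_VERSION=${{ matrix.version }}
          tags: |
            quay.io/sindigilive/almalinux:${{ matrix.version }}
      - if: ${{ matrix.flavor == 'default' }}
        name: Push To quay.io
        uses: redhat-actions/push-to-registry@v2
        with:
          tags: quay.io/sindigilive/almalinux:${{ matrix.version }}
          registry: quay.io
          username: ${{ vars.QUAY_USERNAME }}
          password: ${{ secrets.QUAY_SECRET }}
      # NOTE(review): the scan runs after the push, so the image is already
      # published when Trivy looks at it, and no later step uploads or
      # evaluates trivy-results.sarif. To make findings block a release, scan
      # before pushing and set the action's `exit-code` / `severity` inputs.
      - if: ${{ matrix.flavor == 'default' }}
        name: Scan almalinux image with Trivy
        uses: aquasecurity/trivy-action@0.20.0
        with:
          image-ref: 'quay.io/sindigilive/almalinux:${{ matrix.version }}'
          format: 'sarif'
          output: 'trivy-results.sarif'

      # --- other flavors: tagged <version>-<flavor> ---------------------------
      # NOTE(review): the step name says "Build and push", but a separate
      # push-to-registry step follows; presumably this step only builds.
      - if: ${{ matrix.flavor != 'default' }}
        name: Build and push almalinux flavor
        uses: redhat-actions/build-push-action@v5
        with:
          context: .
          containerfiles: |
            9/Dockerfile.${{ matrix.flavor }}
          build-args: |
            ALMALINUX_VERSION=${{ matrix.version }}
          tags: |
            quay.io/sindigilive/almalinux:${{ matrix.version }}-${{ matrix.flavor }}
      - if: ${{ matrix.flavor != 'default' }}
        name: Push almalinux flavor image to quay.io
        uses: redhat-actions/push-to-registry@v2
        with:
          tags: quay.io/sindigilive/almalinux:${{ matrix.version }}-${{ matrix.flavor }}
          registry: quay.io
          username: ${{ vars.QUAY_USERNAME }}
          password: ${{ secrets.QUAY_SECRET }}
      # Same caveat as the default-flavor scan: post-push and non-gating.
      - if: ${{ matrix.flavor != 'default' }}
        name: Scan almalinux flavor image with Trivy
        uses: aquasecurity/trivy-action@0.20.0
        with:
          image-ref: 'quay.io/sindigilive/almalinux:${{ matrix.version }}-${{ matrix.flavor }}'
          format: 'sarif'
          output: 'trivy-results.sarif'

  build-latest:
    name: Build latest almalinux9 container images
    runs-on: ubuntu-latest
    needs:
      - build
    container:
      image: ghcr.io/catthehacker/ubuntu:act-latest
    # NOTE(review): the floating tags (9, latest, 9-micro, micro) are rebuilt
    # here instead of being retagged from the versioned images produced by
    # `build`, so the images published under these tags are not the ones Trivy
    # scanned. No ALMALINUX_VERSION build-arg is passed either; presumably the
    # container files carry a default - confirm it matches the matrix version.
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Build and push latest almalinux9-micro
        uses: redhat-actions/build-push-action@v5
        with:
          context: .
          containerfiles: |
            9/Dockerfile.micro
          tags: |
            quay.io/sindigilive/almalinux:9-micro
            quay.io/sindigilive/almalinux:micro
      - name: Build and push latest-almalinux9
        uses: redhat-actions/build-push-action@v5
        with:
          context: .
          # Fixed: this step pointed at 9/Dockerfile.micro, the same file as
          # the micro step above, which would publish the micro image under
          # :9 and :latest. The default flavor is built from
          # 9/Containerfile.default in the `build` job.
          containerfiles: |
            9/Containerfile.default
          tags: |
            quay.io/sindigilive/almalinux:9
            quay.io/sindigilive/almalinux:latest
      - name: Push latest almalinux image to quay.io
        uses: redhat-actions/push-to-registry@v2
        with:
          registry: quay.io
          username: ${{ vars.QUAY_USERNAME }}
          password: ${{ secrets.QUAY_SECRET }}
          tags: |
            quay.io/sindigilive/almalinux:9-micro
            quay.io/sindigilive/almalinux:micro
            quay.io/sindigilive/almalinux:9
            quay.io/sindigilive/almalinux:latest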