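# Builds the Alpine Linux container images and pushes them to Docker Hub
# on every push to the master branch.
name: Build and push Alpine Linux container images

on:
  push:
    branches:
      - master

# Least privilege for the workflow token: the jobs below only check out the
# repository; the registry push authenticates with DOCKERHUB_TOKEN instead.
permissions:
  contents: read

jobs:
  prepare:
    name: Get build meta
    runs-on: ubuntu-latest
    container:
      # NOTE(review): `act-latest` is a mutable tag; pinning the job container
      # by digest would make the build environment reproducible.
      image: ghcr.io/catthehacker/ubuntu:act-latest
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Get build-meta.json content
        id: get-build-meta
        # NOTE(review): this third-party action is referenced by the mutable
        # branch `main`, so upstream changes run here without review. Pin it
        # to a reviewed full commit SHA.
        uses: ActionsTools/read-json-action@main
        with:
          file_path: "build-meta.json"
    outputs:
      versions: ${{ steps.get-build-meta.outputs.versions }}

  build:
    name: Build alpine linux container images
    container:
      image: ghcr.io/catthehacker/ubuntu:act-latest
    runs-on: ubuntu-latest
    needs:
      - prepare
    strategy:
      matrix:
        # The hard-coded list below is what is built; the `versions` output
        # of the prepare job is currently unused.
        # version: ${{ fromJson(needs.prepare.outputs.versions) }}
        version:
          - "3.5"
          - "3.6"
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      # The registry credential is a repository secret, so it is masked in
      # logs; the username is a plain (non-secret) repository variable.
      - name: Login to docker.io
        uses: docker/login-action@v3
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      # - name: Set up QEMU
      #   uses: docker/setup-qemu-action@v3
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Build and push alpine ${{ matrix.version }}
        uses: docker/build-push-action@v5
        with:
          # platforms: linux/amd64,linux/arm64
          push: true
          context: .
          build-args: |
            ALPINE_VERSION=${{ matrix.version }}
          tags: |
            ${{ vars.DOCKERHUB_USERNAME }}/alpine:${{ matrix.version }}
      # NOTE(review): this step sits inside the matrix job, so `latest` is
      # built and pushed once per matrix entry, and no ALPINE_VERSION
      # build-arg is passed (presumably the Dockerfile default applies;
      # confirm which version `latest` is meant to track).
      - name: Build latest version
        uses: docker/build-push-action@v5
        with:
          # platforms: linux/amd64,linux/arm64
          push: true
          context: .
          tags: |
            ${{ vars.DOCKERHUB_USERNAME }}/alpine:latest
      # Image scanning is disabled. NOTE(review): the image-ref values below
      # (9.5, 9.5-micro) do not match any tag this workflow pushes
      # (3.5, 3.6, latest); correct them before enabling the scans.
      # - name: Scan alpine9 image with Trivy
      #   uses: aquasecurity/trivy-action@0.20.0
      #   with:
      #     image-ref: '${{ vars.DOCKERHUB_USERNAME }}/alpine:9.5'
      #     format: 'sarif'
      #     output: 'trivy-results.sarif'
      # - name: Scan alpine9-micro image with Trivy
      #   uses: aquasecurity/trivy-action@0.20.0
      #   with:
      #     image-ref: '${{ vars.DOCKERHUB_USERNAME }}/alpine:9.5-micro'
      #     format: 'sarif'
      #     output: 'trivy-results.sarif'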