alpine/.gitea/workflows/alpine.yaml

name: Build and push Alpine Linux container images

on:
  push:
    branches:
      - master

jobs:
  # prepare:
  #   name: Get build meta
  #   runs-on: ubuntu-latest
  #   container:
  #     image: ghcr.io/catthehacker/ubuntu:act-latest
  #   steps:
  #     - name: Check out repository code
  #       uses: actions/checkout@v4
  #     - name: Get build-meta.json content
  #       id: get-build-meta
  #       uses: ActionsTools/read-json-action@main
  #       with:
  #         file_path: "build-meta.json"
  #   outputs:
  #     versions: ${{ steps.get-build-meta.outputs.versions }}

  build:
    name: Build alpine linux container images
    container:
      image: ghcr.io/catthehacker/ubuntu:act-latest
    runs-on: ubuntu-latest
    # needs:
    #   - prepare
    strategy:
      matrix:
        # version: ${{ fromJson(needs.prepare.outputs.versions) }}
        version:
          - "3.5"
          - "3.6"
          - "3.7"
          - "3.8"
          - "3.9"
          - "3.10"
          - "3.11"
          - "3.12"
          - "3.13"
          - "3.14"
          - "3.15"
          - "3.16"
          - "3.17"
          - "3.18"
          - "3.19"
          - "3.20"
          - "3.21"
          - "edge"
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Login to docker.io
        uses: docker/login-action@v3
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      # - name: Set up QEMU
      #   uses: docker/setup-qemu-action@v3
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Build and push container image
        uses: docker/build-push-action@v5
        with:
          # platforms: linux/amd64,linux/arm64
          push: true
          context: .
          build-args: |
            ALPINE_VERSION=${{ matrix.version }}            
          tags: |
            ${{ vars.DOCKERHUB_USERNAME }}/alpine:${{ matrix.version }}            
      - name: Scan container image with Trivy
        uses: aquasecurity/trivy-action@0.20.0
        with:
          image-ref: '${{ vars.DOCKERHUB_USERNAME }}/alpine:${{ matrix.version }}'
          format: 'sarif'
          output: 'trivy-results.sarif'

  build-latest:
    name: Build latest alpine linux container images
    container:
      image: ghcr.io/catthehacker/ubuntu:act-latest
    runs-on: ubuntu-latest
    needs:
      - prepare
      - build
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Login to docker.io
        uses: docker/login-action@v3
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      # - name: Set up QEMU
      #   uses: docker/setup-qemu-action@v3
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Build latest version
        uses: docker/build-push-action@v5
        with:
          # platforms: linux/amd64,linux/arm64
          push: true
          context: .
          tags: |
            ${{ vars.DOCKERHUB_USERNAME }}/alpine:latest            
      - name: Scan container image with Trivy
        uses: aquasecurity/trivy-action@0.20.0
        with:
          image-ref: '${{ vars.DOCKERHUB_USERNAME }}/alpine:latest'
          format: 'sarif'
          output: 'trivy-results.sarif'