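---
# Builds Dockerfile.alpine once per Alpine/nginx pair in the matrix, pushes each
# image to Docker Hub and scans it with Trivy, then builds and pushes the
# default image under the "alpine" and "latest" tags.
name: Build and push Nginx on alpine based container images

on:
  push:
    branches:
      - master

# Least privilege for the automatically issued GITHUB_TOKEN: checkout only needs
# to read the repository. Registry pushes authenticate with DOCKERHUB_TOKEN, so
# no write scope is required here.
permissions:
  contents: read

# NOTE(review): the actions below are referenced by mutable tags (v3, v4, v5,
# 0.20.0) and the job container by a floating tag (act-latest). Pinning actions
# to a full commit SHA and the container to a digest keeps a retagged upstream
# release from running with DOCKERHUB_TOKEN in scope.
jobs:
  build:
    name: Build nginx container images
    runs-on: ubuntu-latest
    container:
      image: ghcr.io/catthehacker/ubuntu:act-latest
    strategy:
      matrix:
        # Each entry pairs an Alpine base release with the nginx release built on it.
        version:
          - alpine: "3.17"
            nginx: "1.22"
          - alpine: "3.19"
            nginx: "1.24"
          - alpine: "3.21"
            nginx: "1.26"
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4

      # Username comes from a repository variable, the token from a secret.
      - name: Login to docker.io
        uses: docker/login-action@v3
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # - name: Set up QEMU
      #   uses: docker/setup-qemu-action@v3

      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3

      - name: Build and push nginx on alpine base
        uses: docker/build-push-action@v5
        with:
          # platforms: linux/amd64,linux/arm64
          push: true
          context: .
          file: Dockerfile.alpine
          build-args: |
            ALPINE_VERSION=${{ matrix.version.alpine }}
            NGINX_VERSION=${{ matrix.version.nginx }}
          tags: |
            ${{ vars.DOCKERHUB_USERNAME }}/nginx:${{ matrix.version.nginx }}-alpine

      # NOTE(review): this scan runs after the image has already been pushed, and
      # no later step reads or uploads trivy-results.sarif, so findings neither
      # block publication nor reach a reviewer. With no exit-code input set the
      # step is presumably report-only (confirm against the action's defaults).
      # Scanning before the push, or publishing the SARIF file, would make the
      # result actionable.
      - name: Scan container image with Trivy
        uses: aquasecurity/trivy-action@0.20.0
        with:
          image-ref: '${{ vars.DOCKERHUB_USERNAME }}/nginx:${{ matrix.version.nginx }}-alpine'
          format: 'sarif'
          output: 'trivy-results.sarif'

  build-latest:
    name: Build latest nginx alpine based container images
    runs-on: ubuntu-latest
    # Starts only after the versioned matrix builds have succeeded.
    needs:
      - build
    container:
      image: ghcr.io/catthehacker/ubuntu:act-latest
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4

      - name: Login to docker.io
        uses: docker/login-action@v3
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # - name: Set up QEMU
      #   uses: docker/setup-qemu-action@v3

      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3

      # No build-args are passed, so the versions are whatever Dockerfile.alpine
      # defaults to (the Dockerfile is not visible here; confirm it declares
      # defaults). This job has no Trivy step, so the "alpine" and "latest" tags
      # are published unscanned.
      - name: Build and push latest nginx
        uses: docker/build-push-action@v5
        with:
          # platforms: linux/amd64,linux/arm64
          push: true
          context: .
          file: Dockerfile.alpine
          tags: |
            ${{ vars.DOCKERHUB_USERNAME }}/nginx:alpine
            ${{ vars.DOCKERHUB_USERNAME }}/nginx:latest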