nginx/.gitea/workflows/almalinux.yaml

name: Build and push Nginx on almalinux based container images

on:
  push:
    branches:
      - master

jobs:
  build:
    name: Build nginx container images
    runs-on: ubuntu-latest
    container:
      image: ghcr.io/catthehacker/ubuntu:act-latest
    strategy:
      matrix:
        version: ["1.22", "1.24"]
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Login to docker.io
        uses: docker/login-action@v3
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      # - name: Set up QEMU
      #   uses: docker/setup-qemu-action@v3
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Build and push nginx on almalinux base
        uses: docker/build-push-action@v5
        with:
          # platforms: linux/amd64,linux/arm64
          push: true
          context: .
          file: Dockerfile.almalinux
          build-args: |
            NGINX_VERSION=${{ matrix.version }}            
          tags: |
            ${{ vars.DOCKERHUB_USERNAME }}/nginx:${{ matrix.version }}-almalinux            
      - name: Scan container image with Trivy
        uses: aquasecurity/trivy-action@0.20.0
        with:
          image-ref: '${{ vars.DOCKERHUB_USERNAME }}/nginx:${{ matrix.version.nginx }}-almalinux'
          format: 'sarif'
          output: 'trivy-results.sarif'
  build-latest:
    name: Build latest nginx almalinux based container images
    runs-on: ubuntu-latest
    needs:
      - build
    container:
      image: ghcr.io/catthehacker/ubuntu:act-latest
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Login to docker.io
        uses: docker/login-action@v3
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      # - name: Set up QEMU
      #   uses: docker/setup-qemu-action@v3
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Build and push latest nginx
        uses: docker/build-push-action@v5
        with:
          # platforms: linux/amd64,linux/arm64
          push: true
          context: .
          file: Dockerfile.almalinux
          tags: |
            ${{ vars.DOCKERHUB_USERNAME }}/nginx:almalinux