Skip to content

edzyaml test

edzyaml test #76

Workflow file for this run

name: build scan workflow
on:
push:
branches:
- main
env:
current_branch: ${{ github.ref }}
job_id: ${{ github.run_number }}
sha: ${{ github.sha }}
cd_token: ${{ secrets.cd_token }}
jobs:
build:
name: Build Image
runs-on: ubuntu-latest
environment: dev
steps:
- uses: actions/checkout@v3
- name: git-checkout
run: |
echo "git-checkout done"
- name: create a custom tag
run: echo "IMG_TAG=$(echo $GITHUB_SHA | cut -c 1-6)"-$job_id >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and push
uses: docker/build-push-action@v5
with:
push: false
tags: welcome-app:${{ env.IMG_TAG }}, welcome-app:latest
load: true
# Image Scan
# - name: Scan for vulnerabilities with KSOC
# if: always() # run this step always
# uses: ksoclabs/image-scan-action@v0.0.4
# with:
# fail_on_severity: critical
# image: welcome-app:${{ env.IMG_TAG }}
# - name: Scan for vulnerabilities with crazy-max
# if: always() # run this step always
# uses: crazy-max/ghaction-container-scan@v3
# with:
# image: welcome-app:${{ env.IMG_TAG }}
# severity_threshold: HIGH
# dockerfile: ./Dockerfile
# - name: Scan for vulnerabilities with Trivy
# uses: aquasecurity/trivy-action@master
# with:
# image-ref: welcome-app:${{ env.IMG_TAG }}
# format: 'table'
# exit-code: '1'
# ignore-unfixed: true
# vuln-type: 'os,library'
# severity: 'CRITICAL,HIGH'
# - name: Update image tags
# run: |
# git config --unset-all http.https://github.com/.extraheader
# git config --global user.email "aadeshkale.developer.56619@gmail.com"
# git config --global user.name "dev-user"
# git clone https://Aadeshkale:${{ env.cd_token }}@github.com/Aadeshkale/kube-cd
# cd kube-cd
# sed -i 's|image:.*|image: 'welcome-app:${{ env.IMG_TAG }}'|' deployment.yaml
# git add deployment.yaml
# git commit -m "Tag updated by gitaction workflow"
# git push
# using custom action
- name: using edzyaml for pass value to remote repo yaml file
uses: Aadeshkale/edzyaml@main
with:
git_username: Aadeshkale
git_user_email: aadeshkale595@gmail.com
git_repo: Aadeshkale/kube-cd
git_token: ${{ secrets.git_token }}
yaml_file_path: deployment.yaml
yaml_key_path: 'spec.template.spec.containers.0.image'
yaml_value: welcome-app:${{ env.IMG_TAG }}