Skip to content

fix(deps): update module golang.org/x/crypto to v0.31.0 [security] #1382

fix(deps): update module golang.org/x/crypto to v0.31.0 [security]

fix(deps): update module golang.org/x/crypto to v0.31.0 [security] #1382

Workflow file for this run

name: master
on:
push:
branches:
- master
env:
IMAGE_NAME: traq
IMAGE_TAG: master
jobs:
image:
name: Build Docker Image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set TRAQ_VERSION env
run: echo "TRAQ_VERSION=master-SNAPSHOT" >> $GITHUB_ENV
- name: Set TRAQ_REVISION env
run: echo "TRAQ_REVISION=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: all
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Show available platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: traptitech
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
build-args: |
TRAQ_VERSION=${{ env.TRAQ_VERSION }}
TRAQ_REVISION=${{ env.TRAQ_REVISION }}
tags: |
ghcr.io/traptitech/${{ env.IMAGE_NAME }}:master
scan:
name: Scan Image Vulnerability
runs-on: ubuntu-latest
needs: [image]
steps:
- uses: actions/checkout@v4
- name: Pull docker image
run: docker pull ghcr.io/traptitech/${IMAGE_NAME}:${IMAGE_TAG}
- name: Container image scan
uses: crazy-max/ghaction-container-scan@v3
with:
image: ghcr.io/traptitech/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
annotations: true
deploy-staging:
name: Deploy staging
runs-on: ubuntu-latest
needs: [image]
steps:
- name: Install SSH key
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.STAGING_SSH_KEY }}
known_hosts: ${{ secrets.STAGING_KNOWN_HOSTS }}
- name: Deploy
run: ssh -o LogLevel=QUIET -t ${{ secrets.STAGING_DEPLOY_USER }}@${{ secrets.STAGING_DEPLOY_HOST }} "sudo sh /srv/traq/deploy.sh traq-backend"