Skip to content

chore(release): 1.31.0-beta.17 #210

chore(release): 1.31.0-beta.17

chore(release): 1.31.0-beta.17 #210

Workflow file for this run

name: "Build Pipeline"
on:
push:
tags:
- '**'
permissions:
id-token: write
contents: read
pull-requests: write
jobs:
build_and_publish:
runs-on: ubuntu-latest
env:
APP_NAME: midaz-ledger
WORKING_DIR: components/ledger
DOCKERHUB_ORG: lerianstudio
name: Build And Publish Docker Image to Midaz
steps:
- uses: actions/checkout@v4
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: "${{ secrets.DOCKER_USERNAME }}"
password: "${{ secrets.DOCKER_PASSWORD }}"
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.DOCKERHUB_ORG }}/${{ env.APP_NAME }}
tags: |
type=semver,pattern={{version}}
type=ref,event=branch,suffix=-${{ github.sha }}
- name: Build Docker image
uses: docker/build-push-action@v5
with:
file: ${{ env.WORKING_DIR }}/Dockerfile
load: true
tags: ${{ steps.meta.outputs.tags }}
- name: Extract tag name
shell: bash
run: echo "tag=${GITHUB_REF#refs/tags/v}" >> $GITHUB_OUTPUT
id: extract_tag
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{ env.DOCKERHUB_ORG }}/${{ env.APP_NAME }}:${{ steps.extract_tag.outputs.tag }}'
format: 'table'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
exit-code: '1'
- name: Push Docker image
uses: docker/build-push-action@v5
with:
file: ${{ env.WORKING_DIR }}/Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}