From 0980197fa77915005c67678ecb7f508d40f1c865 Mon Sep 17 00:00:00 2001
From: alexanderM91
Date: Thu, 17 Oct 2024 21:54:27 +0200
Subject: [PATCH] Notification + diff
---
 .github/workflows/ci.yml | 16 ++++-
 .../workflows/cleanup-old-docker-images.yml | 1 +
 .github/workflows/trivy.yml | 2 -
 .github/workflows/trufflehog.yml | 68 +++++++++----------
 4 files changed, 48 insertions(+), 39 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c4b2886c..f110d22a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -120,15 +120,24 @@ jobs:
 docker push $NEW_TAG
 done
- - name: Build and push
+ - name: Build for diff and push
 id: docker_build
 uses: docker/build-push-action@v2
 with:
- push: ${{ github.ref == 'refs/heads/master' }}
+ push: false
 load: true
 file: ${{ matrix.image }}
 tags: ${{ join(matrix.tags) }}
- platforms: ${{ join(matrix.platforms) }}
+ platforms: "linux/amd64"
+
+# - name: Build and push
+# id: docker_build
+# uses: docker/build-push-action@v2
+# with:
+# push: ${{ github.ref == 'refs/heads/master' }}
+# file: ${{ matrix.image }}
+# tags: ${{ join(matrix.tags) }}
+# platforms: ${{ join(matrix.platforms) }}
 - name: Current image report
 run: |
@@ -152,6 +161,7 @@ jobs:
 echo "EOF" >> $GITHUB_ENV
 - name: Send Slack Notification
+ if: ${{ github.ref == 'refs/heads/master' }}
 uses: slackapi/slack-github-action@v1.24.0
 with:
 payload: |
diff --git a/.github/workflows/cleanup-old-docker-images.yml b/.github/workflows/cleanup-old-docker-images.yml
index c867bfba..3e55c214 100644
--- a/.github/workflows/cleanup-old-docker-images.yml
+++ b/.github/workflows/cleanup-old-docker-images.yml
@@ -70,6 +70,7 @@ jobs:
 - name: Send Slack Notification
 uses: slackapi/slack-github-action@v1.24.0
+ if: ${{ github.ref == 'refs/heads/master' }}
 with:
 payload: |
 {
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index bbb1730c..62f19507 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
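Review bot: In the ci.yml hunk at `@@ -120,15 +120,24 @@` the build step now sets `push: false` unconditionally and the step that pushed on master survives only as a comment, so as far as this hunk shows nothing in this step publishes the freshly built image on `refs/heads/master` any more; whether the `docker push $NEW_TAG` loop above covers that is outside the hunk. The commented-out step also reuses `id: docker_build`, so uncommenting it as written would give the job two steps with the same id, which fails workflow validation; either delete the comment block and rely on git history, or restore it as a live step with its own id (for example `id: docker_push`) and `if: ${{ github.ref == 'refs/heads/master' }}`. The hard-coded `platforms: "linux/amd64"` drops the other entries of `matrix.platforms` from this build and deserves a one-line comment such as `# single platform: image is only loaded locally for the report, not pushed`. The rest of the job lies outside the hunk.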
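Review bot: The added `if: ${{ github.ref == 'refs/heads/master' }}` on the Slack step in ci.yml (`@@ -152,6 +161,7 @@`) has no status function, so GitHub Actions applies an implicit `success()` and the notification is skipped whenever an earlier step in the job fails; the identical line added in cleanup-old-docker-images.yml (`@@ -70,6 +70,7 @@`) behaves the same way. If these messages are meant to report failures too, write `if: ${{ always() && github.ref == 'refs/heads/master' }}`. Limiting the step to master also keeps the webhook secret (presumably set in the step's `env:`, outside both hunks) out of branch runs, which is worth a comment such as `# notify, and read the webhook secret, only on master`. In the cleanup workflow the `if:` sits after `uses:` while ci.yml puts it before; placing it directly under `name:` in both keeps the steps uniform.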
@@ -1,8 +1,6 @@
 name: Trivy security scan
 on:
-# schedule:
-# - cron: '0 10 * * *'
 push:
 branches-ignore:
 - master
diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml
index 38b90775..a7a7e8df 100644
--- a/.github/workflows/trufflehog.yml
+++ b/.github/workflows/trufflehog.yml
@@ -38,37 +38,37 @@ jobs:
 exit 1 # This will fail the workflow
 fi
- - name: Send Slack Notification
- if: github.event.schedule == '0 10 * * *'
- uses: slackapi/slack-github-action@v1.24.0
- with:
- payload: |
- {
- "text": "Trufflehog scan completed for ${{ github.repository }}",
- "attachments": [
- {
- "pretext": "Trufflehog Scan Results",
- "color": "${{ steps.trufflehog_scan.outcome == 'success' && 'good' || 'danger' }}",
- "fields": [
- {
- "title": "Outcome",
- "value": "${{ steps.trufflehog_scan.outcome == 'success' && 'No secrets found' || 'Secrets were found' }}",
- "short": true
- },
- {
- "title": "Branch",
- "value": "${{ github.ref }}",
- "short": true
- },
- {
- "title": "Commit",
- "value": "${{ github.sha }}",
- "short": true
- }
- ]
- }
- ]
- }
- env:
- SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
- SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+# - name: Send Slack Notification
+# if: github.event.schedule == '0 10 * * *'
+# uses: slackapi/slack-github-action@v1.24.0
+# with:
+# payload: |
+# {
+# "text": "Trufflehog scan completed for ${{ github.repository }}",
+# "attachments": [
+# {
+# "pretext": "Trufflehog Scan Results",
+# "color": "${{ steps.trufflehog_scan.outcome == 'success' && 'good' || 'danger' }}",
+# "fields": [
+# {
+# "title": "Outcome",
+# "value": "${{ steps.trufflehog_scan.outcome == 'success' && 'No secrets found' || 'Secrets were found' }}",
+# "short": true
+# },
+# {
+# "title": "Branch",
+# "value": "${{ github.ref }}",
+# "short": true
+# },
+# {
+# "title": "Commit",
+# "value": "${{ github.sha }}",
+# "short": true
+# }
+# ]
+# }
+# ]
+# }
+# env:
+# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
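Review bot: Commenting out the whole Slack step leaves 34 lines of dead YAML in trufflehog.yml, and a secret finding is now visible only as a failed run from the `exit 1` step above; deleting the step and relying on git history would be cleaner, and if the alert is still wanted it should stay live. Should it be re-enabled, the old condition `if: github.event.schedule == '0 10 * * *'` has no status function, so once the preceding step exits 1 the notification is skipped and the 'Secrets were found' branch of the payload can never be sent; `if: ${{ always() && github.event.schedule == '0 10 * * *' }}` fixes that. The steps before `exit 1` are outside the hunk, so this assumes that step fails the job as its comment says.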