Skip to content

ci: update aquasec/trivy to 0.58.0 #480

ci: update aquasec/trivy to 0.58.0

ci: update aquasec/trivy to 0.58.0 #480

Workflow file for this run

name: Build traefik with OpenSSL
on:
push:
branches:
- master
paths:
- "traefik/**"
- ".github/workflows/traefik.yml"
- ".github/actions/build-docker-image/**"
pull_request:
paths:
- "traefik/**"
- ".github/workflows/traefik.yml"
- ".github/actions/build-docker-image/**"
workflow_dispatch:
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
push_to_registry:
name: Build Traefik ${{ matrix.traefik.suffix }} with OpenSSL
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
pull-requests: write
security-events: write
id-token: write
attestations: write
strategy:
fail-fast: false
matrix:
traefik:
- suffix: "v2"
primaryTag: "latest"
- suffix: "v3"
primaryTag: "v3"
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Get image version
id: getversion
run: echo "version=$(head -n 1 "traefik/Dockerfile.${{ matrix.traefik.suffix }}" | sed -r -e 's/^([^:]+):([^ @$-]+).*/\2/')" >> "${GITHUB_OUTPUT}"
- name: Build and push image
uses: ./.github/actions/build-docker-image
with:
context: traefik
file: traefik/Dockerfile.${{ matrix.traefik.suffix }}
push: ${{ github.base_ref == null }}
cache-from: type=gha,scope=traefik-${{ matrix.traefik.suffix }}
cache-to: type=gha,mode=max,scope=traefik-${{ matrix.traefik.suffix }}
no-cache: ${{ github.event_name == 'workflow_dispatch' }}
primaryTag: ghcr.io/automattic/vip-container-images/traefik_openssl:${{ matrix.traefik.primaryTag }}
tags: ghcr.io/automattic/vip-container-images/traefik_openssl:${{ steps.getversion.outputs.version }}