build_and_push_images #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# +-----------------------------------------------+ | |
# | WARNING: This file is generated, do not edit! | | |
# | Edit _templates/release-channel.yml.erb instead. | | |
# +-----------------------------------------------+ | |
name: Build and push images (stable) | |
on: | |
push: | |
branches: | |
- master | |
paths: | |
- "**/*" | |
- "!README.md" | |
- "!build.rb" | |
schedule: | |
# As well as running when we make changes we should run at least | |
# every week in order to pick up new parent images and new versions of Snyk | |
- cron: "0 0 * * 0" | |
workflow_dispatch: | |
repository_dispatch: | |
types: [build_and_push_images] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
if: | | |
github.event_name == 'schedule' || | |
github.event_name == 'push' || | |
(github.event_name == 'repository_dispatch' && github.event.client_payload.release_channel == 'stable') | |
env: | |
CLI_VERSION: ${{ github.event.client_payload.version || 'stable' }} | |
strategy: | |
fail-fast: false | |
matrix: | |
base: | |
- clojure | |
tag: | |
- clojure | |
target: | |
- linux | |
include: | |
- base: clojure:boot | |
tag: clojure-boot | |
target: linux | |
- base: clojure:lein | |
tag: clojure-lein | |
target: linux | |
- base: clojure:tools-deps | |
tag: clojure-tools-deps | |
target: linux | |
- base: elixir | |
tag: elixir | |
target: linux | |
- base: elixir:1.10 | |
tag: elixir-1.10 | |
target: linux | |
- base: elixir:1.11 | |
tag: elixir-1.11 | |
target: linux | |
- base: elixir:1.12 | |
tag: elixir-1.12 | |
target: linux | |
- base: golang | |
tag: golang | |
target: linux | |
- base: golang:1.20 | |
tag: golang-1.20 | |
target: linux | |
- base: golang:1.21 | |
tag: golang-1.21 | |
target: linux | |
- base: golang:1.22 | |
tag: golang-1.22 | |
target: linux | |
- base: golang:1.23 | |
tag: golang-1.23 | |
target: linux | |
- base: gradle | |
tag: gradle | |
target: linux | |
- base: gradle:jdk11 | |
tag: gradle-jdk11 | |
target: linux | |
- base: gradle:jdk12 | |
tag: gradle-jdk12 | |
target: linux | |
- base: gradle:jdk13 | |
tag: gradle-jdk13 | |
target: linux | |
- base: gradle:jdk14 | |
tag: gradle-jdk14 | |
target: linux | |
- base: gradle:jdk16 | |
tag: gradle-jdk16 | |
target: linux | |
- base: gradle:jdk17 | |
tag: gradle-jdk17 | |
target: linux | |
- base: gradle:jdk18 | |
tag: gradle-jdk18 | |
target: linux | |
- base: gradle:jdk19 | |
tag: gradle-jdk19 | |
target: linux | |
- base: gradle:jdk20 | |
tag: gradle-jdk20 | |
target: linux | |
- base: gradle:jdk21 | |
tag: gradle-jdk21 | |
target: linux | |
- base: gradle:jdk8 | |
tag: gradle-jdk8 | |
target: linux | |
- base: maven | |
tag: maven | |
target: linux | |
- base: maven:3-eclipse-temurin-17 | |
tag: maven-3-jdk-17 | |
target: linux | |
- base: maven:3-eclipse-temurin-20 | |
tag: maven-3-jdk-20 | |
target: linux | |
- base: maven:3-eclipse-temurin-21 | |
tag: maven-3-jdk-21 | |
target: linux | |
- base: maven:3-eclipse-temurin-22 | |
tag: maven-3-jdk-22 | |
target: linux | |
- base: maven:3-jdk-11 | |
tag: maven-3-jdk-11 | |
target: linux | |
- base: maven:3-jdk-8 | |
tag: maven-3-jdk-8 | |
target: linux | |
- base: mcr.microsoft.com/dotnet/core/sdk | |
tag: dotnet | |
target: linux | |
- base: mcr.microsoft.com/dotnet/sdk:8.0 | |
tag: dotnet-8.0 | |
target: linux | |
- base: node | |
tag: node | |
target: linux | |
- base: node:18 | |
tag: node-18 | |
target: linux | |
- base: node:20 | |
tag: node-20 | |
target: linux | |
- base: node:22 | |
tag: node-22 | |
target: linux | |
- base: python | |
tag: python | |
target: linux | |
- base: python:3.8 | |
tag: python-3.8 | |
target: linux | |
- base: python:3.9 | |
tag: python-3.9 | |
target: linux | |
- base: python:3.10 | |
tag: python-3.10 | |
target: linux | |
- base: python:3.11 | |
tag: python-3.11 | |
target: linux | |
- base: python:3.12 | |
tag: python-3.12 | |
target: linux | |
- base: ruby | |
tag: ruby | |
target: linux | |
- base: ruby:3.3 | |
tag: ruby-3.3 | |
target: linux | |
- base: swift | |
tag: swift | |
target: linux | |
- base: ubuntu | |
tag: linux | |
target: linux | |
- base: sbtscala/scala-sbt:eclipse-temurin-jammy-22_36_1.10.0_3.4.2 | |
tag: sbt1.10.0-scala3.4.2 | |
target: linux | |
- base: alpine | |
tag: alpine | |
target: alpine | |
- base: alpine | |
tag: cocoapods | |
target: alpine | |
- base: composer | |
tag: composer | |
target: alpine | |
- base: composer | |
tag: php | |
target: alpine | |
- base: docker:latest | |
tag: docker | |
target: alpine | |
- base: docker:latest | |
tag: docker-latest | |
target: alpine | |
- base: python:alpine | |
tag: python-alpine | |
target: alpine | |
- base: ruby:alpine | |
tag: ruby-alpine | |
target: alpine | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: docker/build-push-action@v1 | |
env: | |
DOCKER_BUILDKIT: "1" | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
add_git_labels: true | |
target: ${{ matrix.target }} | |
repository: snyk/snyk | |
tags: ${{ matrix.tag }} | |
build_args: IMAGE=${{ matrix.base }},TAG=${{ matrix.tag }},CLI_VERSION=${{ env.CLI_VERSION }} | |
- name: Run Snyk to check Docker image for vulnerabilities | |
uses: snyk/actions/docker@master | |
continue-on-error: true | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
with: | |
image: snyk/snyk:${{ matrix.tag }} | |
command: monitor | |
args: --target-reference=${{ matrix.tag }} --project-name=${{ matrix.tag }} | |
docs: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Update docker hub readme | |
uses: peter-evans/dockerhub-description@v4 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
repository: snyk/snyk |