Skip to content

build_and_push_images #19

build_and_push_images

build_and_push_images #19

Workflow file for this run

# +-----------------------------------------------+
# | WARNING: This file is generated, do not edit! |
# | Edit _templates/release-channel.yml.erb instead. |
# +-----------------------------------------------+
name: Build and push images (stable)
on:
push:
branches:
- master
paths:
- "**/*"
- "!README.md"
- "!build.rb"
schedule:
# As well as running when we make changes we should run at least
# every week in order to pick up new parent images and new versions of Snyk
- cron: "0 0 * * 0"
workflow_dispatch:
repository_dispatch:
types: [build_and_push_images]
jobs:
build:
runs-on: ubuntu-latest
if: |
github.event_name == 'schedule' ||
github.event_name == 'push' ||
(github.event_name == 'repository_dispatch' && github.event.client_payload.release_channel == 'stable')
env:
CLI_VERSION: ${{ github.event.client_payload.version || 'stable' }}
strategy:
fail-fast: false
matrix:
base:
- clojure
tag:
- clojure
target:
- linux
include:
- base: clojure:boot
tag: clojure-boot
target: linux
- base: clojure:lein
tag: clojure-lein
target: linux
- base: clojure:tools-deps
tag: clojure-tools-deps
target: linux
- base: elixir
tag: elixir
target: linux
- base: elixir:1.10
tag: elixir-1.10
target: linux
- base: elixir:1.11
tag: elixir-1.11
target: linux
- base: elixir:1.12
tag: elixir-1.12
target: linux
- base: golang
tag: golang
target: linux
- base: golang:1.20
tag: golang-1.20
target: linux
- base: golang:1.21
tag: golang-1.21
target: linux
- base: golang:1.22
tag: golang-1.22
target: linux
- base: golang:1.23
tag: golang-1.23
target: linux
- base: gradle
tag: gradle
target: linux
- base: gradle:jdk11
tag: gradle-jdk11
target: linux
- base: gradle:jdk12
tag: gradle-jdk12
target: linux
- base: gradle:jdk13
tag: gradle-jdk13
target: linux
- base: gradle:jdk14
tag: gradle-jdk14
target: linux
- base: gradle:jdk16
tag: gradle-jdk16
target: linux
- base: gradle:jdk17
tag: gradle-jdk17
target: linux
- base: gradle:jdk18
tag: gradle-jdk18
target: linux
- base: gradle:jdk19
tag: gradle-jdk19
target: linux
- base: gradle:jdk20
tag: gradle-jdk20
target: linux
- base: gradle:jdk21
tag: gradle-jdk21
target: linux
- base: gradle:jdk8
tag: gradle-jdk8
target: linux
- base: maven
tag: maven
target: linux
- base: maven:3-eclipse-temurin-17
tag: maven-3-jdk-17
target: linux
- base: maven:3-eclipse-temurin-20
tag: maven-3-jdk-20
target: linux
- base: maven:3-eclipse-temurin-21
tag: maven-3-jdk-21
target: linux
- base: maven:3-eclipse-temurin-22
tag: maven-3-jdk-22
target: linux
- base: maven:3-jdk-11
tag: maven-3-jdk-11
target: linux
- base: maven:3-jdk-8
tag: maven-3-jdk-8
target: linux
- base: mcr.microsoft.com/dotnet/core/sdk
tag: dotnet
target: linux
- base: mcr.microsoft.com/dotnet/sdk:8.0
tag: dotnet-8.0
target: linux
- base: node
tag: node
target: linux
- base: node:18
tag: node-18
target: linux
- base: node:20
tag: node-20
target: linux
- base: node:22
tag: node-22
target: linux
- base: python
tag: python
target: linux
- base: python:3.8
tag: python-3.8
target: linux
- base: python:3.9
tag: python-3.9
target: linux
- base: python:3.10
tag: python-3.10
target: linux
- base: python:3.11
tag: python-3.11
target: linux
- base: python:3.12
tag: python-3.12
target: linux
- base: ruby
tag: ruby
target: linux
- base: ruby:3.3
tag: ruby-3.3
target: linux
- base: swift
tag: swift
target: linux
- base: ubuntu
tag: linux
target: linux
- base: sbtscala/scala-sbt:eclipse-temurin-jammy-22_36_1.10.0_3.4.2
tag: sbt1.10.0-scala3.4.2
target: linux
- base: alpine
tag: alpine
target: alpine
- base: alpine
tag: cocoapods
target: alpine
- base: composer
tag: composer
target: alpine
- base: composer
tag: php
target: alpine
- base: docker:latest
tag: docker
target: alpine
- base: docker:latest
tag: docker-latest
target: alpine
- base: python:alpine
tag: python-alpine
target: alpine
- base: ruby:alpine
tag: ruby-alpine
target: alpine
steps:
- uses: actions/checkout@v3
- uses: docker/build-push-action@v1
env:
DOCKER_BUILDKIT: "1"
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
add_git_labels: true
target: ${{ matrix.target }}
repository: snyk/snyk
tags: ${{ matrix.tag }}
build_args: IMAGE=${{ matrix.base }},TAG=${{ matrix.tag }},CLI_VERSION=${{ env.CLI_VERSION }}
- name: Run Snyk to check Docker image for vulnerabilities
uses: snyk/actions/docker@master
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: snyk/snyk:${{ matrix.tag }}
command: monitor
args: --target-reference=${{ matrix.tag }} --project-name=${{ matrix.tag }}
docs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Update docker hub readme
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
repository: snyk/snyk