Skip to content

Release v2.2.2 (#66) #160

Release v2.2.2 (#66)

Release v2.2.2 (#66) #160

Workflow file for this run

name: ci
on:
push:
branches:
- develop
- dev-[0-9]+.[0-9]+.[0-9]+
tags:
- v*
workflow_dispatch:
env:
REGISTRY: ghcr.io
jobs:
ci:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '16.13.0'
- name: Install Dev Dependencies and Build
run: |
npm install
npm run build
- name: Install Production Dependencies
run: |
rm -rf node_modules
npm install --only=production
- name: Login to the Container Registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Extract Metadata (tags and labels) for Docker
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY }}/${{ github.repository }}
- name: Build Docker Image
uses: docker/build-push-action@v3
with:
context: .
load: true
tags: ${{ env.REGISTRY }}/nasa-ammos/aerie-gateway:${{ github.sha }}
- name: Scan Docker image
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ env.REGISTRY }}/nasa-ammos/aerie-gateway:${{ github.sha }}
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL'
- name: Push Docker Image
uses: docker/build-push-action@v3
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}