Skip to content

Bump @types/geojson from 7946.0.14 to 7946.0.15 in /ui #864

Bump @types/geojson from 7946.0.14 to 7946.0.15 in /ui

Bump @types/geojson from 7946.0.14 to 7946.0.15 in /ui #864

Workflow file for this run

name: Docker builds
on:
pull_request:
branches: [master]
push:
branches: [master]
tags:
- v*
schedule:
- cron: '18 1 * * 4'
env:
DOCKER_USERNAME: kkoval
DOCKER_IMAGE: kkoval/photoview
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
jobs:
prepare:
name: Get latest tag
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Prepare the Matrix
id: prepare_matrix
shell: bash
run: |
case ${{ github.event_name }} in
pull_request)
echo Event is ${{ github.event_name }}
echo 'tags=[{"tag": "", "ref": "${{ github.ref }}"}]' | tee -a $GITHUB_OUTPUT
;;
push)
echo Event is ${{ github.event_name }}
echo 'tags=[{"tag": "${{ github.ref_name }}", "ref": "${{ github.ref }}"}]' | tee -a $GITHUB_OUTPUT
;;
schedule)
echo Event is ${{ github.event_name }}
git fetch --all
TAG=$(git describe --tags --abbrev=0 || exit 0)
echo TAG = $TAG
if [ -z "$TAG" ]; then
echo 'tags=[{"tag": "${{ github.ref_name }}", "ref": "${{ github.ref }}"}]' | tee -a $GITHUB_OUTPUT
else
echo 'tags=[{"tag": "${{ github.ref_name }}", "ref": "${{ github.ref }}"}, {"tag": "$TAG", "ref": "$(git show-ref --tags -d | grep "/$TAG$" | cut -d ' ' -f 2)"}]' | tee -a $GITHUB_OUTPUT
fi
;;
*)
echo "Run for '${{ github.event_name }}' is not expected"
echo 'tags=[{"tag": "", "ref": "${{ github.ref }}"}]' | tee -a $GITHUB_OUTPUT
;;
esac
outputs:
tags: ${{ steps.prepare_matrix.outputs.tags }}
build:
name: Build Docker Image
runs-on: ubuntu-latest
needs: prepare
strategy:
fail-fast: false
matrix:
tags: ${{ fromJson(needs.prepare.outputs.tags) }}
steps:
- name: Checkout ${{ matrix.tags.ref }}
uses: actions/checkout@v4
with:
ref: ${{ matrix.tags.ref }}
- name: Fetch branches
run: git fetch --all
- name: Hadolint report for Sonar
uses: hadolint/[email protected]
with:
dockerfile: Dockerfile
config: ${{ github.workspace }}/.hadolint.yaml
output-file: ${{ github.workspace }}/hadolint.json
format: json
failure-threshold: ignore
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
if: github.repository == 'kkovaletp/photoview'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_DOCKER }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ env.PLATFORMS }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker Login
if: github.event_name != 'pull_request' && github.repository == 'kkovaletp/photoview'
uses: docker/login-action@v3
with:
username: ${{ env.DOCKER_USERNAME }}
password: ${{ env.DOCKER_PASSWORD }}
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: ${{ env.DOCKER_IMAGE }}
# Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Set build args
id: vars
run: |
echo "BUILD_DATE=$(date +%Y-%m-%d)" >> $GITHUB_OUTPUT
echo "VERSION=kkoval-2-$(date +%Y-%m-%d)" >> $GITHUB_OUTPUT
- name: Build and Push
id: docker_buildx
uses: docker/build-push-action@v6
with:
context: .
sbom: true
provenance: mode=max
platforms: ${{ env.PLATFORMS }}
push: ${{ github.event_name != 'pull_request' && github.repository == 'kkovaletp/photoview' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
annotations: ${{ steps.docker_meta.outputs.annotations }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }}
REACT_APP_BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }}
VERSION=${{ steps.vars.outputs.VERSION }}
REACT_APP_BUILD_VERSION=${{ steps.vars.outputs.VERSION }}
COMMIT_SHA=${{ github.sha }}
REACT_APP_BUILD_COMMIT_SHA=${{ github.sha }}
dockle:
name: Dockle Container Analysis
runs-on: ubuntu-latest
needs:
- prepare
- build
strategy:
fail-fast: false
matrix:
tags: ${{ fromJson(needs.prepare.outputs.tags) }}
if: ${{ github.repository == 'kkovaletp/photoview' && github.event_name != 'pull_request' }}
steps:
# Makes sure your .dockleignore file is available to the next step
- name: Checkout ${{ matrix.tags.ref }}
uses: actions/checkout@v4
with:
ref: ${{ matrix.tags.ref }}
- name: Docker Login
uses: docker/login-action@v3
with:
username: ${{ env.DOCKER_USERNAME }}
password: ${{ env.DOCKER_PASSWORD }}
- name: Run Dockle for 'kkoval/photoview:${{ matrix.tags.tag }}'
id: dockle
if: ${{ matrix.tags.tag != '' }}
uses: erzz/dockle-action@v1
with:
image: kkoval/photoview:${{ matrix.tags.tag }}
report-name: dockle-results-${{ matrix.tags.tag }}
report-format: sarif
failure-threshold: fatal
exit-code: 1
timeout: 5m
- name: Upload SARIF file
if: ${{ steps.dockle.conclusion == 'success' || steps.dockle.conclusion == 'failure' }}
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: dockle-results-${{ matrix.tags.tag }}.sarif