Skip to content

Initial commit

Initial commit #1

Workflow file for this run

name: Producer-CI
on:
push:
branches:
- main
paths:
- '03-producer/**' # Any change in this path, make trigger build action.
- '.github/workflows/producer-ci.yaml'
env:
REPO_APP: 'mqtt-producer'
SLACK_CHANNEL: 'builds-and-ci'
SLACK_MSG_COLOR: '#0092ff'
BUILD_CONTEXT: './03-producer'
jobs:
Producer-CI_build-docker-image:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Generate tag ID
id: tag_id
run: echo "::set-output name=IMAGE_TAG::$(date +%Y.%m)"
- name: Build and push
uses: docker/build-push-action@v4
with:
context: ${{ env.BUILD_CONTEXT }}
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPO_APP }}:${{ steps.tag_id.outputs.IMAGE_TAG }}
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPO_APP }}:${{ steps.tag_id.outputs.IMAGE_TAG }}'
format: 'table'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
#exit-code: '1'
- name: Slack Notification
uses: rtCamp/action-slack-notify@v2
env:
SLACK_CHANNEL: ${{ env.SLACK_CHANNEL }}
SLACK_COLOR: ${{ env.SLACK_MSG_COLOR }}
SLACK_MESSAGE: 'URL: https://hub.docker.com/repository/docker/${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPO_APP }}'
SLACK_TITLE: ':rocket: GithubAction Build docker image: [ ${{ env.REPO_APP }}:${{ steps.tag_id.outputs.IMAGE_TAG }} ]'
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}