.github/workflows/.github-ci.yaml

@@ -1,26 +1,33 @@
 name: ci-workflow
  
 on: [push]
-
 jobs:
   ci:
     runs-on: docker
-
+ 
+    container:
+      image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/pipeline-container/complete:v0.0.3
+ 
     steps:
-      - name: Checkout
+ 
-        uses: actions/checkout@v4
+      - name: Clone Repository
-
+        uses: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/checkout@main
-      - name: Debug
+ 
+      - name: Lint the Repository
         run: |
-          echo 1 test 2 ${{ secrets.PACKAGES_USER }} 3 ${{ secrets.REPO_USER }} 4
+          golangci-lint run ./... --out-format=json --timeout 10m --issues-exit-code 1
-
+ 
-      - name: Build
+      - name: Build Credentials File
-        uses: https://codeberg.org/umglurf/kaniko-action@main
+        run: |
-        with:
+          mkdir -p ~/.docker
-          cache: true
+          AUTHSTRING=$(echo -n "${{ secrets.REGISTRY_USERNAME }}:${{ secrets.REGISTRY_PASSWORD }}" | base64 -w 0)
-          cache_repo: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/cache
+          echo "{\"auths\":{\"https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live\":{\"auth\":\"${AUTHSTRING}\"}}}" > ~/.docker/config.json
-          credentials: |
+      
-            forgejo.edf-bootstrap.cx.fg1.ffm.osc.live=${{ secrets.PACKAGES_USER }}:${{ secrets.PACKAGES_TOKEN }}
+      - name: Build Docker Container
-          destinations: |
+        run: |
-            forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go:1.2.3
+          KO_DOCKER_REPO="forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go" ko build --bare ./cmd
-          push: 'true'
+ 
+      - name: Vulnerability Scanning
+        run: |
+          trivy image --scanners license,vuln,secret forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go:latest
+          trivy image --image-config-scanners secret,misconfig forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go:latest