33 lines
1.3 KiB
YAML
33 lines
1.3 KiB
YAML
name: ci-workflow
|
|
|
|
on: [push]
|
|
jobs:
|
|
ci:
|
|
runs-on: docker
|
|
|
|
container:
|
|
image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/pipeline-container/complete:v0.0.2
|
|
|
|
steps:
|
|
|
|
- name: Clone Repository
|
|
uses: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/checkout@main
|
|
|
|
- name: Lint the Repository
|
|
run: |
|
|
golangci-lint run ./... --out-format=json --timeout 5m --issues-exit-code 1
|
|
|
|
- name: Build Credentials File
|
|
run: |
|
|
mkdir -p ~/.docker
|
|
AUTHSTRING=$(echo -n "${{ secrets.REGISTRY_USERNAME }}:${{ secrets.REGISTRY_PASSWORD }}" | base64 -w 0)
|
|
echo "{\"auths\":{\"https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live\":{\"auth\":\"${AUTHSTRING}\"}}}" > ~/.docker/config.json
|
|
|
|
- name: Build Docker Container
|
|
run: |
|
|
KO_DOCKER_REPO="forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go" ko build --bare ./cmd
|
|
|
|
- name: Vulnerability Scanning
|
|
run: |
|
|
trivy image --scanners license,vuln,secret forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest
|
|
trivy image --image-config-scanners secret,misconfig forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest
|