adds podman action for building docker

2024-12-12 16:27:51 +01:00 · 2024-12-12 16:27:51 +01:00 · 0243d32d2c
commit 0243d32d2c
parent aaea1f1cfa
1 changed files with 34 additions and 0 deletions
--- a/.github/workflows/.github-ci_podman
+++ b/.github/workflows/.github-ci_podman
@ -0,0 +1,34 @@
+name: ci-workflow
+ 
+on: [push]
+jobs:
+  ci:
+    runs-on: docker
+ 
+    container:
+      image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/complete:latest
+ 
+    steps:
+ 
+      - name: Clone Repository
+        uses: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/checkout@main
+ 
+      - name: Lint the Repository
+        run: |
+          golangci-lint run ./... --out-format=json --timeout 5m --issues-exit-code 1
+ 
+      - name: Build Credentials File
+        run: |
+          mkdir -p /kaniko/.docker
+          AUTHSTRING=$(echo -n "${{ secrets.REGISTRY_USERNAME }}:${{ secrets.REGISTRY_PASSWORD }}" | base64 -w 0)
+          echo "{\"auths\":{\"https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live\":{\"auth\":\"${AUTHSTRING}\"}}}" > /kaniko/.docker/config.json
+      
+      - name: Build Docker Container
+        run: |
+          podman build -t fibonacci_go:latest -f Dockerfile .
+          podman push fibonacci_go:latest forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest
+ 
+      - name: Vulnerability Scanning
+        run: |
+          trivy image --scanners license,vuln,secret forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest
+          trivy image --image-config-scanners secret,misconfig forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest