Update .github/workflows/.github-ci.yaml

2024-12-16 10:17:12 +00:00 · 2024-12-16 10:17:12 +00:00 · a43f9dc5b4
commit a43f9dc5b4
parent 6bd0e272d5
1 changed files with 17 additions and 34 deletions
--- a/.github/workflows/.github-ci.yaml
+++ b/.github/workflows/.github-ci.yaml
@ -5,43 +5,26 @@ jobs:
  ci:
    runs-on: docker
 
-    #container:
-    #  image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/pipe:v0.0.1
+    container:
+      image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/pipe:v0.0.1
 
    steps:
 
-      #- name: Clone Repository
-      #  uses: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/checkout@main
+      - name: Clone Repository
+        uses: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/checkout@main
 
-      #- name: Lint the Repository
-      #  run: |
-      #    which trivy
-      #    golangci-lint run ./... --out-format=json --timeout 5m --issues-exit-code 1
+      - name: Lint the Repository
+        run: |
+          which trivy
+          golangci-lint run ./... --out-format=json --timeout 5m --issues-exit-code 1
 
-      - uses: actions/checkout@v4
-
-      - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
-        with:
-          go-version: "1.21"
-          check-latest: true
+      - name: Build Credentials File
+        run: |
+          mkdir -p /kaniko/.docker
+          AUTHSTRING=$(echo -n "${{ secrets.REGISTRY_USERNAME }}:${{ secrets.REGISTRY_PASSWORD }}" | base64 -w 0)
+          echo "{\"auths\":{\"https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live\":{\"auth\":\"${AUTHSTRING}\"}}}" > /kaniko/.docker/config.json
      
-      - name: golangci-lint
-        uses: https://github.com/golangci/golangci-lint-action@v6
-        with:
-          version: v1.60
-
-      - name: Build
-        uses: https://codeberg.org/umglurf/kaniko-action@main
-        with:
-          cache: true
-          cache_repo: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go/cache
-          credentials: |
-            https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/v1/=${{ secrets.REGISTRY_USERNAME }}:${{ secrets.REGISTRY_PASSWORD }}          
-          destinations: |
-            forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest          
-          push: 'true'
-
-      #- name: Vulnerability Scanning
-      #  run: |
-      #    trivy image --scanners license,vuln,secret forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest
-      #    trivy image --image-config-scanners secret,misconfig forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest
+      - name: Vulnerability Scanning
+        run: |
+          trivy image --scanners license,vuln,secret forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest
+          trivy image --image-config-scanners secret,misconfig forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/fibonacci_go/fibonacci_go:latest