Skip to content

Commit

Permalink
Merge pull request #15 from sarg3nt/patch-upgrade-release-3
Browse files Browse the repository at this point in the history
Fix github token missing error
  • Loading branch information
sarg3nt authored Oct 29, 2024
2 parents b437c44 + 99df13a commit d4663a3
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 9 deletions.
10 changes: 8 additions & 2 deletions .github/workflows/patch-upgrades-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,17 +4,23 @@ on:
schedule:
- cron: '0 0 * * 0' # Runs weekly
workflow_dispatch: # Allows manual triggering
pull_request:
branches:
- main

permissions: read-all

jobs:
build-and-release:
release:
runs-on: ubuntu-latest
permissions:
contents: write

steps:
- name: 'Checkout Repository'
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
# See: https://github.com/huggingface/semver-release-action?tab=readme-ov-file
# and https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#branches
- name: Release
uses: huggingface/semver-release-action@latest
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
8 changes: 2 additions & 6 deletions .github/workflows/trivy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,6 @@ jobs:
name: Build
runs-on: "ubuntu-20.04"
steps:
# - name: Authenticate to GitHub Container Registry
# run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

- name: Log into registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
Expand All @@ -51,14 +48,13 @@ jobs:
- name: Build and push Docker image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
context: .
push: false
tags: ${{ github.sha }}
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}

- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2
with:
image-ref: 'ghcr.io/sarg3nt/go-docker-container:${{ github.sha }}'
image-ref: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
Expand Down
2 changes: 1 addition & 1 deletion SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,5 +8,5 @@ Dependabot is used to maintain dependency versions.

## Reporting a Vulnerability

Report found vulnerabilities by opening an Issue.
Report found vulnerabilities by contacting us at [[email protected]](mailto:[email protected])

0 comments on commit d4663a3

Please sign in to comment.