File: container.yml

# Workflow that builds the project's container image and hands it to the
# jobs below for pushing, notification and follow-up steps.
#
# NOTE(review): this file sets no `permissions:` key, so the GITHUB_TOKEN
# scopes come from the repository/organization default unless the called
# workflows narrow them. Confirm the default is not broader than needed.
name: Build and Push Container Images

# Triggers: pushes to main, pushes of v* tags, pull requests targeting main,
# and manual dispatch with an explicit ref.
on:
  push:
    branches: [main]
    tags: ['v*']
  pull_request:
    branches: [main]
  workflow_dispatch:
    inputs:
      # Free-form, caller-supplied string. In this file it is only used inside
      # expressions (the concurrency group and the build job's `with:` values);
      # how the called workflow consumes it is not visible here.
      ref-name:
        description: 'The ref to build a container image from. For example a tag v23.0.0.'
        required: true
        type: string

# One active run per workflow and ref; a newer run cancels the older one.
# `inputs.ref-name` is only set on workflow_dispatch, so every other event
# falls back to `github.ref`.
concurrency:
  cancel-in-progress: true
  group: ${{ github.workflow }}-${{ inputs.ref-name || github.ref }}

jobs:
  # Delegates the image build and push to a shared reusable workflow.
  build:
    name: Build and Push Container Images
    # Only run in the upstream repository; forks skip this job.
    if: github.repository == 'greenbone/gvm-tools'
    # NOTE(review): `@main` is a mutable ref and `secrets: inherit` passes every
    # secret available to this run to whatever that branch contains at run time.
    # Pinning to a reviewed commit SHA and passing only the secrets the callee
    # needs would narrow that trust; confirm against the callee's requirements.
    uses: greenbone/workflows/.github/workflows/container-build-push-gea.yml@main
    secrets: inherit
    with:
      dockerfile: .docker/Dockerfile
      # Both values are empty unless the run was started via workflow_dispatch.
      ref: ${{ inputs.ref-name }}
      ref-name: ${{ inputs.ref-name }}
      # Image targets: the ghcr.io entry is enabled for every event, including
      # pull_request; the two GREENBONE_REGISTRY entries are disabled on pull
      # requests. Whether an enabled target is actually pushed on a pull request
      # is decided inside the called workflow - TODO confirm.
      # The labels are OCI image annotations; `base.name` is metadata only and
      # does not select the base image (the Dockerfile is not shown here).
      images: |
        ghcr.io/${{ github.repository }},enable=true
        ${{ vars.GREENBONE_REGISTRY }}/community/${{ github.event.repository.name }},enable=${{ github.event_name != 'pull_request' }}
        ${{ vars.GREENBONE_REGISTRY }}/openvas-scan-dev/${{ github.event.repository.name }},enable=${{ github.event_name != 'pull_request' }}
      labels: |
        org.opencontainers.image.vendor=Greenbone
        org.opencontainers.image.documentation=https://greenbone.github.io/gvm-tools/
        org.opencontainers.image.base.name=debian/stable-slim

  # Reports the build outcome through the shared notification workflow
  # (Mattermost, going by the callee's file name).
  notify:
    needs: [build]
    # `!cancelled()` replaces the implicit success() check, so this job still
    # runs after a failed build. It is skipped for pull requests and on forks.
    if: ${{ !cancelled() && github.repository == 'greenbone/gvm-tools' && github.event_name != 'pull_request' }}
    # NOTE(review): mutable `@main` ref combined with `secrets: inherit`; the
    # callee receives every secret available to this run.
    uses: greenbone/workflows/.github/workflows/notify-mattermost-2nd-gen.yml@main
    secrets: inherit
    with:
      # 'failure' if any needed job failed; every other result (including
      # skipped) is reported as 'success'.
      status: ${{ contains(needs.*.result, 'failure') && 'failure' || 'success' }}

  # Asks the registry to replicate tags to the public registry after a build.
  trigger-replication:
    needs: [build]
    # Runs on a self-hosted runner, so the guard matters: the job never starts
    # for pull_request events or outside the upstream repository. `!cancelled()`
    # means it also runs when the build job failed.
    if: ${{ !cancelled() && github.repository == 'greenbone/gvm-tools' && github.event_name != 'pull_request' }}
    runs-on: self-hosted-generic
    steps:
      # NOTE(review): `@v3` is a tag and can be moved; this step receives the
      # replication credentials, so a commit-SHA pin would be the stricter choice.
      - name: Ensure all tags are replicated on the public registry
        # Repeats the job-level pull_request exclusion.
        if: github.event_name != 'pull_request'
        uses: greenbone/actions/trigger-harbor-replication@v3
        with:
          registry: ${{ vars.GREENBONE_REGISTRY }}
          user: ${{ secrets.GREENBONE_REGISTRY_REPLICATION_USER }}
          token: ${{ secrets.GREENBONE_REGISTRY_REPLICATION_TOKEN }}

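  # Calls the shared automatix-service workflow with the image URL, the pushed
  # tag name and the digest produced by the build job.
  automatix:
    name: Update Automatix
    needs: build
    # Only for v* tag refs. `!cancelled()` replaces the implicit success()
    # check, so without the explicit result test this job would also run after
    # a failed or skipped build (for example on a fork) and forward an empty
    # `digest`. Requiring `needs.build.result == 'success'` ties the update to
    # an image that was actually built.
    if: ${{ !cancelled() && needs.build.result == 'success' && startsWith(github.ref, 'refs/tags/v') }}
    # NOTE(review): mutable `@main` ref combined with `secrets: inherit`; the
    # callee receives every secret available to this run.
    uses: greenbone/workflows/.github/workflows/automatix-service.yml@main
    with:
      service: openvas-gvm-tools
      url: ${{ vars.GREENBONE_REGISTRY }}/openvas-scan-dev/${{ github.event.repository.name }}
      tag: ${{ github.ref_name }}
      # Digest reported by the build job; lets the consumer refer to the exact
      # image rather than the tag alone.
      digest: ${{ needs.build.outputs.digest }}
    secrets: inherit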