Skip to content
CICD

fix(deps): update mcr.microsoft.com/dotnet/sdk:8.0-alpine docker digest to 55695b6 #714

Sign in to view logs

fix(deps): update mcr.microsoft.com/dotnet/sdk:8.0-alpine docker digest to 55695b6

fix(deps): update mcr.microsoft.com/dotnet/sdk:8.0-alpine docker digest to 55695b6 #714

Workflow file for this run

.github/workflows/cicd.yml at 8d872e5
name: CICD
on:
workflow_dispatch:
push:
branches:
- 'main'
- 'alpha'
- 'beta'
- 'dev'
pull_request:
types: [opened, reopened, synchronize]
merge_group:
jobs:
build-test:
name: Build & Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup .NET Core
uses: actions/setup-dotnet@v4
with:
global-json-file: global.json
- name: .NET Build
run: dotnet build -c Release
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker Buildx
working-directory: src/ingress-nginx-validate-jwt
run: docker buildx build --platform linux/amd64,linux/arm64 -t ingress-nginx-validate-jwt .
- name: Docker Build
working-directory: src/ingress-nginx-validate-jwt
run: docker build -t ingress-nginx-validate-jwt .
- name: .NET Test
run: dotnet test -c Release --collect:"XPlat Code Coverage"
env:
TESTCLIENTSECRET: ${{ secrets.TESTCLIENTSECRET }}
- name: Coverage
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
file: coverage.cobertura.xml
fail_ci_if_error: true
- name: Benchmark
working-directory: benchmarks/ingress-nginx-validate-jwt-benchmarks
run: dotnet run -c Release
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'ingress-nginx-validate-jwt'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
create-release:
if: ${{ github.event_name != 'pull_request' }}
name: Create Release
runs-on: ubuntu-latest
needs: build-test
steps:
- uses: actions/checkout@v4
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Semantic Release
uses: cycjimmy/semantic-release-action@v3
id: semantic
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
if: steps.semantic.outputs.new_release_published == 'true'
uses: docker/setup-buildx-action@v3
- name: Docker Push
if: steps.semantic.outputs.new_release_published == 'true'
working-directory: src/ingress-nginx-validate-jwt
run: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${GITHUB_ACTOR} --password-stdin
echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ivanjosipovic --password-stdin
docker buildx build --push --platform linux/amd64,linux/arm64 -t ivanjosipovic/ingress-nginx-validate-jwt:latest -t ivanjosipovic/ingress-nginx-validate-jwt:${{ steps.semantic.outputs.new_release_version }} -t ghcr.io/${GITHUB_REPOSITORY,,}/ingress-nginx-validate-jwt:latest -t ghcr.io/${GITHUB_REPOSITORY,,}/ingress-nginx-validate-jwt:${{ steps.semantic.outputs.new_release_version }} --build-arg VERSION=${{ steps.semantic.outputs.new_release_version }} .
- name: Install Helm
if: steps.semantic.outputs.new_release_published == 'true'
uses: azure/setup-helm@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Update Helm Version
if: steps.semantic.outputs.new_release_published == 'true'
shell: bash
run: |
cp ./README.md ./charts/ingress-nginx-validate-jwt/
sed -i 's/0.0.1/${{ steps.semantic.outputs.new_release_version }}/' ./charts/ingress-nginx-validate-jwt/Chart.yaml
- name: Run chart-releaser
if: steps.semantic.outputs.new_release_published == 'true'
uses: helm/chart-releaser-action@v1
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"