Merge pull request #30 from ocpdude/dependabot/npm_and_yarn/tar-7.0.1 #35

	name: Docker Image CI

	on:
	push:
	branches: [ "main" ]

	workflow_dispatch:

	env:
	REGISTRY: ghcr.io
	jobs:
	security-checks:
	permissions:
	contents: read
	security-events: write
	actions: read
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Build the test image
	run: docker build . --file Dockerfile --tag localbuild/testimage:latest
	- name: Grype scan the test image
	uses: anchore/scan-action@v3
	id: scan
	with:
	image: "localbuild/testimage:latest"
	fail-build: false
	severity-cutoff: critical
	- name: Upload vulnerability report
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: ${{ steps.scan.outputs.sarif }}

	build-deployment:
	needs: security-checks
	runs-on: ubuntu-latest
	steps:
	- name: Get the date
	id: date
	run: echo "::set-output name=date::$(date +'%m%d')"
	- name: Checkout
	uses: actions/checkout@v4
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.MYTOKEN }}
	- name: Build and push
	uses: docker/build-push-action@v5
	with:
	push: true
	tags: \|
	${{ env.REGISTRY }}/ocpdude/safe-settings:latest
	${{ env.REGISTRY }}/ocpdude/safe-settings:${{ steps.date.outputs.date }}

Provide feedback