revamp workflows

.github/workflows/build.yml

@@ -1,28 +1,66 @@
-name: Safety Action Build And Publish
+name: Publish Docker image
 
 on:
-  push:
-    tags:
-      - "^(\\d+\\.\\d+(\\.\\d+)?)$"
-    branches: [image-builds]
-
-env:
-    DOCKER_BUILDKIT: 1
+  workflow_dispatch:
 
 jobs:
-  build:
-    runs-on: ubuntu-20.04
-    environment: main
+  build-and-push:
+    runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
+
+    - uses: actions/setup-python@v4
+      with:
+        python-version: "3.10"
+        cache: "pip"
+
+    - name: Safety Version
+      run: |
+        pip install packaging
+        package_version=$(cat safety/VERSION)
+        echo $package_version
+        echo "SAFETY_VERSION=$package_version" >> $GITHUB_ENV
+
+    - name: Extract Major and Minor Version
+      run: |
+        python scripts/extract_version.py
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+      with:
+        driver-opts: |
+          image=moby/buildkit:v0.10.6
+
+    - name: Log into registry
+      run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin
+
+    - name: Docker meta
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: |
+          ghcr.io/pyupio/safety
+        tags: |
+          type=raw,value=${{ env.SAFETY_VERSION }},suffix=-{{ sha }}
+          type=raw,value=${{ env.SAFETY_VERSION }}
+          type=raw,value=${{ env.SAFETY_MAJOR_VERSION }}.${{ env.SAFETY_MINOR_VERSION }}
+          type=raw,value=${{ env.SAFETY_MAJOR_VERSION }}
+          type=raw,value=latest
+        labels: |
+          org.opencontainers.image.title=Safety CLI
+          org.opencontainers.image.description=Safety CLI is a Python dependency vulnerability scanner that enhances software supply chain security at every stage of development.
+          org.opencontainers.image.vendor=Safety Cybersecurity
+          org.opencontainers.image.licenses=MIT
 
-      - name: Build image
-        run: docker build -t pyupio/safety-v2-beta:latest .
+    - name: Build and Push image
+      uses: docker/build-push-action@v4
+      with:
+        context: .
+        push: true
+        cache-from: type=local,src=/tmp/.buildx-cache
+        cache-to: type=local,dest=/tmp/.buildx-cache-new
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        build-args: SAFETY_VERSION=${{ env.SAFETY_VERSION }} 
 
-      - name: Upload image
-        env:
-          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
-        run: echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin &&
-             docker push pyupio/safety-v2-beta:latest

.github/workflows/main.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-20.04
     strategy:
       matrix:
-        python-version: [ "3.6", "3.7", "3.8", "3.9", "3.10", "3.11" ]
+        python-version: [ "3.7", "3.8", "3.9", "3.10", "3.11", "3.12" ]
     steps:
       - uses: actions/checkout@v3
       - name: Set up Python
@@ -33,7 +33,7 @@ jobs:
     needs: test
     runs-on: ubuntu-20.04
 
-    if: contains(fromJson('["refs/heads/main", "refs/heads/develop", "refs/heads/binaries-fixes"]'), github.ref) || startsWith(github.ref, 'refs/tags')
+    if: contains(fromJson('["refs/heads/main", "refs/heads/binaries-fixes"]'), github.ref) || startsWith(github.ref, 'refs/tags')
 
     steps:
       - name: Slack trigger
@@ -45,8 +45,6 @@ jobs:
     needs: test
     runs-on: ${{ matrix.os }}
 
-    if: contains(fromJson('["refs/heads/main", "refs/heads/develop", "refs/heads/binaries-fixes"]'), github.ref) || startsWith(github.ref, 'refs/tags')
-
     strategy:
       matrix:
         os: [ 'windows-latest', 'ubuntu-20.04', 'macos-latest' ]