Merge pull request #43 from KubeLilin/dev #31

Summary
Jobs
- build
Run details
- Usage
- Workflow file

Workflow file for this run

	name: Compile&Publish

	on:
	push:
	branches:
	- main
	jobs:
	build:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout Repo
	uses: actions/checkout@v3
	- name: Setup Go
	uses: actions/setup-go@v3
	with:
	go-version: "1.18.0"

	- name: Build kubelilin apiserver
	run: \|
	go env -w GOPROXY=https://goproxy.cn,direct
	cd src
	go mod tidy
	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o app .

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	if: github.event_name != 'pull_request'

	- name: Login to Docker Hub
	uses: docker/login-action@v1
	with:
	username: ${{ secrets.DOCKER_HUB_USERNAME }}
	password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
	if: github.event_name != 'pull_request'


	- name: Build And Push kubelilin apiserver
	uses: docker/build-push-action@v3
	with:
	context: .
	file: src/Dockerfile_Prod
	push: true
	cache-from: type=gha,scope=blockcluster
	cache-to: type=gha,scope=blockcluster
	tags: ${{ secrets.DOCKER_HUB_USERNAME }}/kubelilin-apiserver:latest
	if: github.event_name != 'pull_request'
	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@0.6.2
	continue-on-error: true
	with:
	image-ref: ${{ secrets.DOCKER_HUB_USERNAME }}/kubelilin-apiserver:latest
	format: 'sarif'
	output: 'trivy-results-${{ matrix.image }}.sarif'
	ignore-unfixed: 'true'
	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v2
	continue-on-error: true
	with:
	sarif_file: 'trivy-results-${{ matrix.image }}.sarif'
	- name: Upload Scan Results
	uses: actions/upload-artifact@v3
	continue-on-error: true
	with:
	name: 'trivy-results-${{ matrix.image }}.sarif'
	path: 'trivy-results-${{ matrix.image }}.sarif'
	if: always()

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #43 from KubeLilin/dev #31

Workflow file

Merge pull request #43 from KubeLilin/dev #31

Jobs

Run details

Workflow file for this run