Skip to content

fix: correct the commit msg & table #5

fix: correct the commit msg & table

fix: correct the commit msg & table #5

Workflow file for this run

name: Release
on:
push:
branches: master
paths:
- '.github/workflows/release.yml'
- 'api/*.py'
- 'pyproject.toml'
- 'Dockerfile'
jobs:
release:
name: Release
if: github.actor != 'dependabot[bot]' || github.actor != 'github-actions[bot]' || github.actor != 'protected-auto-commits[bot]'
runs-on: ubuntu-latest
concurrency: release
permissions:
contents: write
issues: write
pull-requests: write
steps:
- name: GitHub App Token
uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ secrets.GH_APP_ID }}
private-key: ${{ secrets.GH_PRIVATE_KEY }}
- name: Checkout Repo
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ steps.app-token.outputs.token }}
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
cache: "pip"
- name: Cache Dependencies
uses: actions/cache@v4
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install Dependencies
run: |
python -m pip install --upgrade pip
pip install python-semantic-release
- name: Semantic Release
id: github-release
uses: python-semantic-release/python-semantic-release@v9.8.6
with:
github_token: ${{ steps.app-token.outputs.token }}
docker:
name: Docker
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
needs: release
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Extract Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ vars.DOCKER_USERNAME }}/wakatime-leaderboards
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=sha
- name: Build & Push Docker Image
uses: docker/build-push-action@v6
with:
context: .
sbom: ${{ github.event_name != 'pull_request' }}
push: ${{ github.event_name != 'pull_request' }}
load: ${{ github.event_name == 'pull_request' }}
tags: |
${{ vars.DOCKER_USERNAME }}/wakatime-leaderboards:latest
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
file: Dockerfile
- name: Docker Scout Scan
uses: docker/scout-action@v1.11.0
with:
command: quickview, cves
image: ${{ vars.DOCKER_USERNAME }}/wakatime-leaderboards:latest
to: ${{ vars.DOCKER_USERNAME }}/wakatime-leaderboards:latest
only-severities: critical, high
only-fixed: true
write-comment: true
github-token: ${{ secrets.GITHUB_TOKEN }}
sarif-file: docker-scout-results.sarif
- name: Upload Scout Scan Results
if: always()
uses: actions/upload-artifact@v4
with:
name: docker-scout-results
path: docker-scout-results.sarif