diff --git a/.github/workflows/build-publish-jenkins-image.yaml b/.github/workflows/build-publish-jenkins-image.yaml index c143bbf..417892f 100644 --- a/.github/workflows/build-publish-jenkins-image.yaml +++ b/.github/workflows/build-publish-jenkins-image.yaml @@ -23,6 +23,7 @@ jobs: run: echo "JOB_START_TIME=$(date -u +"%d %B %A %Y %H:%M UTC")" >> $GITHUB_ENV - name: Git config and create new tag + if: github.ref == 'refs/heads/main' # Run only on main branch run: | # Run bash script to get new tag bash get_latest_version_create_tag.sh 
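Review bot: The added `if: github.ref == 'refs/heads/main'` guards only the "Git config and create new tag" step, while the build-and-push step in the next hunk keeps `push: true` and the `:latest` tag with no condition. If this workflow can run on any other ref (the triggers are not visible here), that run would presumably leave `env.NEW_VERSION` unset and still overwrite `jenkins-core-image:latest` with an image built from branch code. Either repeat the same condition on the publishing step or move it to the job level, i.e. `if: github.ref == 'refs/heads/main'` directly under the job key. The guarded step's `run:` block continues outside the hunk.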
@@ -46,31 +47,21 @@ jobs: with: push: true platforms: linux/amd64,linux/arm64 - tags: ${{ secrets.DOCKERHUB_USERNAME }}/jenkins-core-image:${{ env.NEW_VERSION }} + tags: | + ${{ secrets.DOCKERHUB_USERNAME }}/jenkins-core-image:${{ env.NEW_VERSION }} + ${{ secrets.DOCKERHUB_USERNAME }}/jenkins-core-image:latest build-args: | "JENKINS_USER=${{ secrets.JENKINS_USER }}" "JENKINS_PASS=${{ secrets.JENKINS_PASS }}" "GITHUB_APP_KEY=${{ secrets.GH_APP_KEY }}" - "GITHUB_APP_ID=${{ secrets.GH_APP_ID }}" - - - name: Build and Publish docker image with latest tag - uses: docker/build-push-action@v5 - with: - push: true - platforms: linux/amd64,linux/arm64 - tags: ${{ secrets.DOCKERHUB_USERNAME }}/jenkins-core-image:latest - build-args: | - "JENKINS_USER=${{ secrets.JENKINS_USER }}" - "JENKINS_PASS=${{ secrets.JENKINS_PASS }}" - "GITHUB_APP_KEY=${{ secrets.GH_APP_KEY }}" - "GITHUB_APP_ID=${{ secrets.GH_APP_ID }}" + "GITHUB_APP_ID=${{ secrets.GH_APP_ID }}" - name: set up docker and scan docker image for vulnerabilities uses: docker-practice/actions-setup-docker@master - run: | set -x docker version - docker run -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy image ${{ secrets.DOCKERHUB_USERNAME }}/jenkins-core-image:latest + docker run -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy image ${{ secrets.DOCKERHUB_USERNAME }}/jenkins-core-image:latest - name: Set job end time run: echo "JOB_END_TIME=$(date -u +"%d %B %A %Y %H:%M UTC")" >> $GITHUB_ENV
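Review bot: The consolidated build step still passes `JENKINS_PASS` and `GH_APP_KEY` through `build-args`, and build arguments can end up in the image metadata that `docker history` shows. Depending on how the Dockerfile (not shown) consumes them, anyone who can pull the pushed `jenkins-core-image` tags may be able to read these values. docker/build-push-action has a `secrets:` input for this: move the values there, e.g. `secrets: |` followed by `"jenkins_pass=${{ secrets.JENKINS_PASS }}"`, and have the Dockerfile read them with `RUN --mount=type=secret,id=jenkins_pass`. Separately, the Trivy step runs after the push and sets no `--exit-code`, so findings do not block publication. `docker-practice/actions-setup-docker@master` also follows a mutable branch and would be safer pinned to a commit SHA.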