Build tool-box container #1352

Summary
Jobs
- build
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/tool-box.yml at 1458bc6

	---

	name: tool-box
	run-name: Build tool-box container

	on:
	pull_request:
	paths:
	- 'pipelines/dockerfiles/tool-box/**'
	- .github/workflows/tool-box.yml
	branches: [ master ]

	push:
	paths:
	- 'pipelines/dockerfiles/tool-box/**'
	- .github/workflows/tool-box.yml
	branches: [ master ]

	workflow_dispatch:

	env:
	IMAGE_NAME: constantin07/tool-box:latest

	jobs:
	build:
	runs-on: ubuntu-22.04
	permissions:
	security-events: write
	defaults:
	run:
	working-directory: pipelines/dockerfiles/tool-box
	steps:
	- name: Checkout source code
	uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/[email protected]
	with:
	driver-opts: image=moby/buildkit:master

	- name: Login to Docker Hub
	uses: docker/[email protected]
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Copy required files
	run: \|
	cp -a ../../../ansible/requirements.yml .
	cp -a ../../../bin .

	- name: Docker build
	uses: docker/[email protected]
	with:
	context: pipelines/dockerfiles/tool-box
	platforms: linux/amd64,linux/arm64
	push: false
	cache-from: type=gha
	cache-to: type=gha,mode=max
	build-args: VAULT_CERTS=no_copy
	tags: ${{ env.IMAGE_NAME }}
	load: false

	- name: Load amd64 platform
	run: docker buildx build --load --platform 'linux/amd64' -t ${{ env.IMAGE_NAME }} .

	- name: Load arm64 platform with a different tag
	run: docker buildx build --load --platform 'linux/arm64' -t ${{ env.IMAGE_NAME }}-arm64 .

	- name: Run trivy scan
	uses: aquasecurity/[email protected]
	with:
	image-ref: ${{ env.IMAGE_NAME }}
	format: sarif
	output: trivy-results.sarif

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: trivy-results.sarif

	- name: Push both platforms as one image manifest list
	uses: docker/[email protected]
	with:
	context: pipelines/dockerfiles/tool-box
	platforms: linux/amd64,linux/arm64
	push: true
	build-args: VAULT_CERTS=no_copy
	tags: ${{ env.IMAGE_NAME }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build tool-box container #1352

Workflow file

Build tool-box container #1352

Jobs

Run details

Workflow file for this run