Skip to content

Commit

Permalink
testing appending arch tag to end of github build
Browse files Browse the repository at this point in the history
  • Loading branch information
mmguero committed May 9, 2024
1 parent 30864fb commit 45538c0
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions .github/workflows/api-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,11 @@ jobs:
shell: bash
run: echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_OUTPUT
id: extract_branch
-
name: Generate arch tag suffix
shell: bash
run: echo "archtag=$([[ "${{ matrix.platform }}" == 'linux/amd64' ]] && echo '' || ( echo -n '-' ; echo "${{ matrix.platform }}" | cut -d '/' -f 2) )" >> $GITHUB_OUTPUT
id: arch_tag_suffix
-
name: Extract commit SHA
shell: bash
Expand Down Expand Up @@ -100,9 +105,9 @@ jobs:
BUILD_DATE=${{ steps.generate_build_timestamp.outputs.btimestamp }}
VCS_REVISION=${{ steps.extract_commit_sha.outputs.sha }}
push: true
# provenance: false
provenance: false
platforms: ${{ matrix.platform }}
tags: ghcr.io/${{ github.repository_owner }}/malcolm/api:${{ steps.extract_branch.outputs.branch }}
tags: ghcr.io/${{ github.repository_owner }}/malcolm/api:${{ steps.extract_branch.outputs.branch }}${{ steps.arch_tag_suffix.outputs.archtag }}
-
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
Expand All @@ -111,7 +116,7 @@ jobs:
with:
scan-type: 'image'
scanners: 'vuln'
image-ref: ghcr.io/${{ github.repository_owner }}/malcolm/api:${{ steps.extract_branch.outputs.branch }}
image-ref: ghcr.io/${{ github.repository_owner }}/malcolm/api:${{ steps.extract_branch.outputs.branch }}${{ steps.arch_tag_suffix.outputs.archtag }}
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'HIGH,CRITICAL'
Expand Down

0 comments on commit 45538c0

Please sign in to comment.