Updated image tag #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Kaniko CI Image | |
| on: | |
| push: | |
| branches: | |
| - kaniko | |
| jobs: | |
| kaniko: | |
| runs-on: ubuntu-latest | |
| environment: Docker Image | |
| steps: | |
| # Check out the repository code | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # Set Release version environment variable | |
| - name: Set env | |
| run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
| # Include Metedata | |
| - name: Setup Metadata | |
| uses: docker/metadata-action@v3 | |
| id: metadata | |
| with: | |
| images: "${{ vars.IMAGE_NAME }}" | |
| # Set up Docker credentials for Kaniko | |
| - name: Login to Docker | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.DOCKER_REGISTRY }} | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| # Build Image and Generate tarball | |
| - name: Kaniko build | |
| uses: bymarshall/kaniko-action@main | |
| with: | |
| push: false | |
| tags: ${{ steps.metadata.outputs.tags }} | |
| labels: ${{ steps.metadata.outputs.labels }} | |
| tar_file: image.tar | |
| # Perform CI scanning using twistcli | |
| - name: CI Scanning | |
| run: | | |
| #Generate Console token | |
| token=$(curl -s -k ${{ secrets.PCC_URL }}/api/v1/authenticate -X POST -H "Content-Type: application/json" -d '{ | |
| "username":"${{ secrets.PCC_USER }}", | |
| "password":"${{ secrets.PCC_PASS }}" | |
| }' | grep -Po '"'"token"'"\s*:\s*"\K([^"]*)') | |
| #Download Twistcli | |
| curl -s -O ${{ secrets.PCC_URL }}/api/v1/util/twistcli -H "Authorization: Bearer $token" | |
| chmod a+x twistcli | |
| ./twistcli --version | |
| #Perform CI Scan | |
| ./twistcli images scan --address ${{ secrets.PCC_URL }} --token $token --details --tarball image.tar | |