ditkrg/build-image-workflow
4
0
Fork 0
mirror of https://github.com/ditkrg/build-image-workflow.git synced 2026-01-22 21:27:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ditkrg:v1.2.5
Branches Tags
ditkrg:main
ditkrg:v1.3.0
ditkrg:v1.2.8
ditkrg:v1.2.7
ditkrg:v1.2.6
ditkrg:v1.2.5
ditkrg:v1.2.4
ditkrg:v1.2.3
ditkrg:v1
ditkrg:v1.2.2
ditkrg:v1.2.1
ditkrg:v1.2.0
ditkrg:v1.1.0
ditkrg:v1.0.1
ditkrg:v1.0.0
...
compare: ditkrg:main
Branches Tags
ditkrg:main
ditkrg:v1.3.0
ditkrg:v1.2.8
ditkrg:v1.2.7
ditkrg:v1.2.6
ditkrg:v1.2.5
ditkrg:v1.2.4
ditkrg:v1.2.3
ditkrg:v1
ditkrg:v1.2.2
ditkrg:v1.2.1
ditkrg:v1.2.0
ditkrg:v1.1.0
ditkrg:v1.0.1
ditkrg:v1.0.0

4 Commits
v1.2.5 ... main

Author SHA1 Message Date
Shkar T. Noori
95127ca9d2
Add harbor scan report inputs and commenting functionality in action.yml 
This update introduces new input parameters for enabling harbor scan report retrieval and commenting on pull requests. The action now includes logic to comment on the PR with scan results, enhancing visibility and feedback during the CI/CD process.
 2025-05-09 03:10:50 +03:00
Shkar T. Noori
ce1914c7e6
Refactor caching mechanism in action.yml 
This update modifies the caching strategy by removing the previous cache type and introducing a new registry-based cache for builds. This change enhances the efficiency of the caching process during CI/CD workflows.
 2025-05-09 01:27:45 +03:00
Shkar T. Noori
6bc379401f
Add pull request event types to action.yml 
This update introduces new event types for handling pull requests in the action.yml file, allowing for better caching and event management during CI/CD processes.
 2025-05-08 23:21:34 +03:00
Shkar T. Noori
a126631a61
Add digest output to action.yml and set build-and-push step ID 
This update introduces a new output 'digest' to the action.yml file, which captures the digest value from the build-and-push step. Additionally, the build-and-push step is now assigned an ID for better output management.
 2025-05-08 20:51:26 +03:00
1 changed files with 92 additions and 4 deletions
Show Stats Expand all files Collapse all files

96
action.yml
View File

@ -29,7 +29,25 @@ inputs:
required: false
description: "Build Secrets"
harbor-scan-report:
required: false
default: "true"
description: "Should try to get harbor scan report"
comment-harbor-scan-report:
required: false
default: "true"
description: "Should comment harbor scan report on PR"
harbor-scan-report-comment-marker:
required: false
default: '<!-- actions-comment-pull-request "build-and-push" -->'
description: "Comment marker for harbor scan report"
outputs:
digest:
description: "Digest"
value: ${{ steps.build-and-push.outputs.digest }}
tag:
description: "Image Tag"
value: ${{ steps.set_tag.outputs.tag }}
@ -50,8 +68,9 @@ runs:
images: ${{ inputs.registry }}/${{ inputs.image }}
flavor: latest=false
tags: |
# Cache
type=raw,value=${{ github.ref_name }}-cache
# Pull Request
type=ref,event=pr
type=ref,event=pr,suffix=-{{sha}},priority=8887 # 2
# Branches
type=ref,event=branch
@ -71,12 +90,13 @@ runs:
- name: Build Docker images
uses: docker/build-push-action@v6
id: build-and-push
with:
push: ${{ inputs.push }}
file: ${{ inputs.file }}
tags: ${{ steps.meta.outputs.tags }}
cache-to: type=inline
cache-from: type=registry,ref=${{ inputs.registry }}/${{ inputs.image }}:${{ github.ref_name }}-cache
cache-to: type=registry,ref=${{ inputs.registry }}/${{ inputs.image }}:buildcache,mode=max
cache-from: type=registry,ref=${{ inputs.registry }}/${{ inputs.image }}:buildcache
build-args: ${{ inputs.build-args }}
secrets: ${{ inputs.build-secrets }}
@ -91,3 +111,71 @@ runs:
env:
tags: ${{ steps.meta.outputs.tags }}
json: ${{ steps.meta.outputs.json }}
- name: Harbor Scan Results
id: harbor-scan-results
if: ${{ inputs.harbor-scan-report }} == 'true'
uses: ditkrg/harbor-scan-results-action@main
with:
image: ${{ steps.set_tag.outputs.tag }}
username: ${{ inputs.username }}
password: ${{ inputs.password }}
digest: ${{ steps.build-and-push.outputs.digest }}
- name: Comment on active branch PR
uses: actions/github-script@v7
if: ${{ inputs.comment-harbor-scan-report }} == 'true'
env:
COMMENT_MARKER: ${{ inputs.harbor-scan-report-comment-marker }}
TRIVY_SCAN_RESULTS: ${{ steps.harbor-scan-results.outputs.report-markdown }}
with:
script: |
const prs = await github.rest.pulls.list({
owner: context.repo.owner,
repo: context.repo.repo,
head: `${context.repo.owner}:${context.ref.replace('refs/heads/', '')}`
});
if (prs.data.length <= 0) {
console.log('No open PR found for the current branch');
return;
}
const pr = prs.data[0];
// Check if there's already a comment from this workflow
const comments = await github.rest.issues.listComments({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: pr.number
});
const comment_marker = process.env.COMMENT_MARKER;
const buildComment = comments.data.find(comment =>
comment.body.includes(comment_marker)
);
const commentBody = `${comment_marker}
${process.env.TRIVY_SCAN_RESULTS}
`;
if (buildComment) {
// Update existing comment
await github.rest.issues.updateComment({
owner: context.repo.owner,
repo: context.repo.repo,
comment_id: buildComment.id,
body: commentBody
});
console.log(`Updated comment to PR #${pr.number}`);
} else {
// Create new comment
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: pr.number,
body: commentBody
});
console.log(`Added comment to PR #${pr.number}`);
}