Skip to content

ci(docker): Remove ARM64 platform from multi-arch builds #2

ci(docker): Remove ARM64 platform from multi-arch builds

ci(docker): Remove ARM64 platform from multi-arch builds #2

Workflow file for this run

name: Docker
on:
push:
branches:
- main
- master
tags:
- "v*"
pull_request:
permissions:
contents: read
packages: write
security-events: write
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
tags: |
type=ref,event=branch
type=ref,event=tag
type=sha
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and export image for scan
if: github.event_name == 'pull_request'
uses: docker/build-push-action@v6
with:
context: .
file: ./Dockerfile
tags: start-it-cli:pr
load: true
push: false
- name: Trivy image scan
if: github.event_name == 'pull_request'
uses: aquasecurity/trivy-action@v0.24.0
with:
image-ref: start-it-cli:pr
format: sarif
output: trivy-image.sarif
severity: HIGH,CRITICAL
ignore-unfixed: true
- name: Upload image scan results
if: github.event_name == 'pull_request'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: trivy-image.sarif
- name: Build and push image
if: github.event_name != 'pull_request'
uses: docker/build-push-action@v6
with:
context: .
file: ./Dockerfile
push: ${{ github.event_name != 'pull_request' }}
platforms: linux/amd64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}