diff --git a/.github/workflows/docker-manual.yml b/.github/workflows/docker-manual.yml index 24ea724..909cad5 100644 --- a/.github/workflows/docker-manual.yml +++ b/.github/workflows/docker-manual.yml @@ -48,8 +48,8 @@ jobs: push: true tags: ${{ env.TAG }} labels: ${{ steps.meta.outputs.labels }} - context: ${{ env.CONTEXT }} - file: ${{ env.CONTEXT }}${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE }} + context: ./ckan + file: ./ckan/Dockerfile - name: Linting Dockerfile with hadolint in GH Actions uses: hadolint/hadolint-action@v3.1.0 @@ -59,7 +59,7 @@ jobs: - name: Run Trivy container image vulnerability scanner uses: aquasecurity/trivy-action@0.12.0 with: - image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH }} + image-ref: ${{ steps.meta.outputs.tags }} format: sarif output: trivy-results.sarif diff --git a/.github/workflows/docker-pr.yml b/.github/workflows/docker-pr.yml index f62163b..a66409e 100644 --- a/.github/workflows/docker-pr.yml +++ b/.github/workflows/docker-pr.yml @@ -14,7 +14,7 @@ env: CONTEXT: . BRANCH: ${{ github.head_ref }} DOCKERFILE_PATH: /ckan - DOCKERFILE: Dockerfile + DOCKERFILE: Dockerfile.ghcr HADOLINT_VERSION: 2.12.0 jobs: @@ -83,16 +83,16 @@ jobs: id: docker-push with: push: false - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:test-build-only + tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} context: ./ckan - file: ./ckan/Dockerfile + file: ./ckan/Dockerfile.ghcr - name: Linting Dockerfile and annotate code inline in the github PR viewer id: hadolint uses: jbergstroem/hadolint-gh-action@v1.11.0 with: - dockerfile: ./ckan/Dockerfile + dockerfile: ./ckan/Dockerfile.ghcr version: ${{ env.HADOLINT_VERSION }} annotate: true error_level: -1 @@ -100,7 +100,7 @@ jobs: - name: Run Trivy container image vulnerability scanner uses: aquasecurity/trivy-action@0.12.0 with: - image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:test-build-only + image-ref: ${{ steps.meta.outputs.tags }} format: sarif output: trivy-results.sarif