From e53d4d1778508bee9e0a66756bf26c1ad51ab2e2 Mon Sep 17 00:00:00 2001 From: "CHEN, CHUN" Date: Mon, 10 Feb 2025 23:23:42 +0800 Subject: [PATCH] ci: update actions for docker, trivy, and artifacts - Update the `docker/build-push-action` GitHub Action from version `v5` to `v6` across multiple build jobs. - Upgrade the Docker Build and Push Action from version 5 to version 6 in the GitHub workflow. - Update GitHub Actions to use newer versions of Trivy (`0.29.0`) and upload-artifact (`v4`). Signed-off-by: CHEN, CHUN --- .github/workflows/docker_publish.yml | 6 +++--- .github/workflows/docker_publish_latest.yml | 2 +- .github/workflows/scan.yml | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 8a084ca..4223c4f 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -33,7 +33,7 @@ jobs: tag: alpine - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: ./alpine.Dockerfile @@ -71,7 +71,7 @@ jobs: tag: ubi - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: ./ubi.Dockerfile @@ -109,7 +109,7 @@ jobs: tag: distroless - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: ./distroless.Dockerfile diff --git a/.github/workflows/docker_publish_latest.yml b/.github/workflows/docker_publish_latest.yml index 077df2b..c30bb3e 100644 --- a/.github/workflows/docker_publish_latest.yml +++ b/.github/workflows/docker_publish_latest.yml @@ -35,7 +35,7 @@ jobs: tag: latest - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: ./Dockerfile diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index 421e845..6fb5aa3 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -22,7 +22,7 @@ jobs: sparse-checkout-cone-mode: false - name: Run Trivy vulnerability scanner for alpine image - uses: aquasecurity/trivy-action@0.14.0 + uses: aquasecurity/trivy-action@0.29.0 with: image-ref: "ghcr.io/jim60105/streamlink:alpine" vuln-type: "os,library" @@ -33,7 +33,7 @@ jobs: output: "trivy-results-alpine.html" - name: Run Trivy vulnerability scanner for ubi image - uses: aquasecurity/trivy-action@0.14.0 + uses: aquasecurity/trivy-action@0.29.0 with: image-ref: "ghcr.io/jim60105/streamlink:ubi" vuln-type: "os,library" @@ -44,7 +44,7 @@ jobs: output: "trivy-results-ubi.html" - name: Run Trivy vulnerability scanner for distroless image - uses: aquasecurity/trivy-action@0.14.0 + uses: aquasecurity/trivy-action@0.29.0 with: image-ref: "ghcr.io/jim60105/streamlink:distroless" vuln-type: "os,library" @@ -55,7 +55,7 @@ jobs: output: "trivy-results-distroless.html" - name: Upload Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: trivy-results path: trivy-results-*