From a4295a7c9bc4e5f276bd21a9ff0186bbff9da2f1 Mon Sep 17 00:00:00 2001 From: Tomoya Amachi Date: Wed, 16 Feb 2022 23:53:57 +0900 Subject: [PATCH] update docker login in action (#172) * update docker login in action * add allowedlist.yaml --- .github/containerscan/allowedlist.yaml | 4 ++++ .github/workflows/releasebuild.yml | 22 ++++++++++++---------- 2 files changed, 16 insertions(+), 10 deletions(-) create mode 100644 .github/containerscan/allowedlist.yaml diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml new file mode 100644 index 0000000..1b6ce25 --- /dev/null +++ b/.github/containerscan/allowedlist.yaml @@ -0,0 +1,4 @@ +general: + vulnerabilities: + # dockle does not use a target feature + - CVE-2021-43816 \ No newline at end of file diff --git a/.github/workflows/releasebuild.yml b/.github/workflows/releasebuild.yml index 59f6fcc..f2b6f97 100644 --- a/.github/workflows/releasebuild.yml +++ b/.github/workflows/releasebuild.yml @@ -7,7 +7,7 @@ on: pull_request: jobs: - build-and-scan: + build-and-release: runs-on: ubuntu-latest env: DOCKER_CLI_EXPERIMENTAL: "enabled" @@ -28,15 +28,17 @@ jobs: go test ./... env: CGO_ENABLED: 0 - - - name: Docker Login - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - GITHUB_TOKEN: ${{ secrets.GH_PAT }} - run: | - echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin - echo "${GITHUB_TOKEN}" | docker login ghcr.io --username $GITHUB_ACTOR --password-stdin + - name: Login to docker.io registry + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Login to ghcr.io registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: goodwithtech + password: ${{ secrets.GH_PAT }} - name: Run GoReleaser if: success() && startsWith(github.ref, 'refs/tags/v')