From 6667e19ea3d4f1ba2c5d6ed419ff3d9476c68879 Mon Sep 17 00:00:00 2001
From: Jacques ROUSSEL
Date: Wed, 25 Sep 2024 17:09:41 +0200
Subject: [PATCH] WIP
---
 .github/workflows/docker-hub.yml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml
index 0136992e..20bca47c 100644
--- a/.github/workflows/docker-hub.yml
+++ b/.github/workflows/docker-hub.yml
@@ -1,4 +1,5 @@
 name: Docker Hub Workflow
+run-name: Docker Hub Workflow
 on:
 workflow_dispatch:
@@ -48,6 +49,20 @@ jobs:
 name: Login to DockerHub
 if: github.event_name != 'pull_request'
 run: echo "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_HUB_USER" --password-stdin
+ -
+ name: Build an image from Dockerfile
+ run: |
+ docker build --target backend-production -t docker.io/lasuite/meet-backend:${{ github.sha }} .
+ -
+ name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@0.20.0
+ with:
+ image-ref: 'docker.io/lasuite/meet-backend:${{ github.sha }}'
+ format: 'table'
+ exit-code: '1'
+ ignore-unfixed: true
+ vuln-type: 'os,library'
+ severity: 'CRITICAL,HIGH'
 -
 name: Build and push
 uses: docker/build-push-action@v5
@@ -92,6 +107,20 @@ jobs:
 name: Login to DockerHub
 if: github.event_name != 'pull_request'
 run: echo "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_HUB_USER" --password-stdin
+ -
+ name: Build an image from Dockerfile
+ run: |
+ docker build -f src/frontend/Dockerfile -t docker.io/lasuite/meet-frontend:${{ github.sha }} .
+ -
+ name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@0.20.0
+ with:
+ image-ref: 'docker.io/lasuite/meet-frontend:${{ github.sha }}'
+ format: 'table'
+ exit-code: '1'
+ ignore-unfixed: true
+ vuln-type: 'os,library'
+ severity: 'CRITICAL,HIGH'
 -
 name: Build and push
 uses: docker/build-push-action@v5
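Review bot: `uses: aquasecurity/trivy-action@0.20.0` in the `@@ -48,6 +49,20 @@` hunk references a tag, which can be moved upstream, and the step runs after `Login to DockerHub`, so on non-pull-request runs it executes in a job where the registry login has already happened. Pin the action to a full commit SHA and keep the version as a trailing comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>  # 0.20.0`. The same line is added in the frontend job's hunk (`@@ -92,6 +107,20 @@`). Separately, `ignore-unfixed: true` lets CRITICAL and HIGH findings without a released fix pass the gate; a one-line comment above it saying this is deliberate would help.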
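Review bot: The image Trivy scans in the `@@ -92,6 +107,20 @@` hunk comes from the ad-hoc `docker build -f src/frontend/Dockerfile ...` step, while the published image is built again by the following `Build and push` step (`docker/build-push-action@v5`), whose `with:` inputs lie outside the hunk. If the target, build args or platforms differ between the two builds, a passing scan does not describe the image that is pushed. The backend hunk (`@@ -48,6 +49,20 @@`) has the same shape. Consider building once with the build-push action using `load: true` and `push: false`, scanning that tag, and then pushing it. At minimum, add a comment above the build step such as `# must match the Dockerfile/target used by "Build and push" below`.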