update wf #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Branch を Push したらイメージをビルドする | ||
| on: | ||
| push: | ||
| branches: | ||
| - '*' # matches every branch that doesn't contain a '/' | ||
| - '*/*' # matches every branch containing a single '/' | ||
| - '**' # matches every branch | ||
| - '!main' # excludes main | ||
| env: | ||
| IMAGE_NAME: ex4:dev | ||
| jobs: | ||
| build-test-image: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| attestations: write | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
| - name: Check go test | ||
| uses: actions/setup-go@v4 | ||
| with: | ||
| go-version-file: go.mod | ||
| run: make test | ||
| - name: Check Dockerfile | ||
| run: | | ||
| docker run --rm -i hadolint/hadolint < Dockerfile | ||
| - name: Build a image | ||
| id: push | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| push: false | ||
| tags: ${{ env.IMAGE_NAME }} | ||
| #platforms: linux/amd64,linux/arm64 | ||
| labels: ${{ env.IMAGE_NAME }} | ||
| - name: Check vulnerabilities | ||
| run: | | ||
| docker images | ||
| docker run -v /var/run/docker.sock:/var/run/docker.sock --rm aquasec/trivy image --no-progress ${{ env.IMAGE_NAME }} | ||
| - name: Start a container from the image | ||
| run: | | ||
| docker images | ||
| docker run -d --name test -p 9400:8086 ${{ env.IMAGE_NAME }} | ||
| docker ps -a | ||
| - name: Test the container | ||
| run: | | ||
| sleep 5 | ||
| curl --silent --retry 3 --include http://127.0.0.1:9400/ping | grep "200 OK" | ||
| [ $? -ne 0 ] && (echo "error"; exit 1) | ||
| exit 0 | ||
