Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| ######################### | |
| ######################### | |
| ## Deploy Docker Image ## | |
| ######################### | |
| ######################### | |
| # | |
| # Documentation: | |
| # https://help.github.com/en/articles/workflow-syntax-for-github-actions | |
| # | |
| ####################################### | |
| # Start the job on all push to main # | |
| ####################################### | |
| name: "Build & Deploy - ALPHA" | |
| on: | |
| push: | |
| branches: | |
| - "alpha" | |
| paths: | |
| - ".github/workflows/**" | |
| - "Dockerfile" | |
| - "flavors/**" | |
| - "megalinter/**" | |
| - "mega-linter-runner/**" | |
| - "server/**" | |
| - "**/linter-versions.json" | |
| - "TEMPLATES/**" | |
| - ".trivyignore" | |
| - "**/.sh" | |
| - "**/.py" | |
| ############### | |
| # Set the Job # | |
| ############### | |
| concurrency: | |
| group: ${{ github.ref }}-${{ github.workflow }} | |
| cancel-in-progress: true | |
| jobs: | |
| publish_runner: | |
| name: Publish mega-linter-runner (alpha) | |
| if: github.repository == 'oxsecurity/megalinter' && !contains(github.event.head_commit.message, 'skip deploy') | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| actions: write | |
| steps: | |
| - name: Trigger deploy-mega-linter-runner workflow | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| await github.rest.actions.createWorkflowDispatch({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| workflow_id: ".github/workflows/deploy-mega-linter-runner.yml", | |
| ref: "main", | |
| inputs: { | |
| "dist-tag": "alpha", | |
| prerelease: "true", | |
| preid: "alpha" | |
| }, | |
| }); | |
| build: | |
| # Name the Job | |
| name: Deploy Docker Image - ALPHA | |
| # Set the agent to run on | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: write | |
| packages: write | |
| # Only run this on the main repo | |
| if: github.repository == 'oxsecurity/megalinter' && !contains(github.event.head_commit.message, 'skip deploy') | |
| ################## | |
| # Load all steps # | |
| ################## | |
| steps: | |
| ########################## | |
| # Checkout the code base # | |
| ########################## | |
| - name: Checkout Code | |
| uses: actions/checkout@v6 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get current date | |
| run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> ${GITHUB_ENV} | |
| - name: Build & Push Docker Image (Server) | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: server/Dockerfile | |
| platforms: linux/amd64 | |
| build-args: | | |
| BUILD_DATE=${{ env.BUILD_DATE }} | |
| BUILD_REVISION=${{ github.sha }} | |
| BUILD_VERSION=alpha | |
| load: false | |
| push: true | |
| secrets: | | |
| GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} | |
| tags: | | |
| ghcr.io/oxsecurity/megalinter-server:alpha | |
| # ghcr.io/oxsecurity/megalinter-server:alpha-${{ github.sha }} | |
| - name: Build & Push Docker Image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile | |
| platforms: linux/amd64 | |
| build-args: | | |
| BUILD_DATE=${{ env.BUILD_DATE }} | |
| BUILD_REVISION=${{ github.sha }} | |
| BUILD_VERSION=alpha | |
| load: false | |
| push: true | |
| secrets: | | |
| GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} | |
| tags: | | |
| ghcr.io/oxsecurity/megalinter:alpha | |
| # ghcr.io/oxsecurity/megalinter:alpha-${{ github.sha }} | |
| # - name: Build & Push Worker Docker Image | |
| # uses: docker/build-push-action@v6 | |
| # with: | |
| # context: . | |
| # file: Dockerfile-worker | |
| # platforms: linux/amd64 | |
| # build-args: | | |
| # MEGALINTER_BASE_IMAGE=ghcr.io/oxsecurity/megalinter:alpha | |
| # BUILD_DATE=${{ env.BUILD_DATE }} | |
| # BUILD_REVISION=${{ github.sha }} | |
| # BUILD_VERSION=alpha | |
| # load: false | |
| # push: true | |
| # secrets: | | |
| # GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} | |
| # tags: | | |
| # ghcr.io/oxsecurity/megalinter-worker:alpha | |
| build-custom-flavor-builder: | |
| strategy: | |
| matrix: | |
| include: | |
| - platform: linux/amd64 | |
| runner: ubuntu-latest | |
| - platform: linux/arm64 | |
| runner: ubuntu-24.04-arm | |
| # Name the Job | |
| name: Deploy Docker Image (Custom Flavor Builder) - ALPHA | |
| # Set the agent to run on | |
| runs-on: ${{ matrix.runner }} | |
| permissions: | |
| actions: write | |
| packages: write | |
| # Only run this on the main repo | |
| if: github.repository == 'oxsecurity/megalinter' && !contains(github.event.head_commit.message, 'skip deploy') | |
| ################## | |
| # Load all steps # | |
| ################## | |
| steps: | |
| ########################## | |
| # Checkout the code base # | |
| ########################## | |
| - name: Checkout Code | |
| uses: actions/checkout@v6 | |
| - name: Prepare | |
| run: | | |
| platform=${{ matrix.platform }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get current date | |
| run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> ${GITHUB_ENV} | |
| - name: Build Flavor Builder Image | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile-custom-flavor | |
| platforms: ${{ matrix.platform }} | |
| build-args: | | |
| BUILD_DATE=${{ env.BUILD_DATE }} | |
| BUILD_REVISION=${{ github.sha }} | |
| BUILD_VERSION=alpha | |
| secrets: | | |
| GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} | |
| tags: | | |
| ghcr.io/${{ github.repository }}-custom-flavor-builder | |
| outputs: type=image,push-by-digest=true,name-canonical=true,push=true | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: custom-flavor-builder-digests-${{ env.PLATFORM_PAIR }} | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| merge-custom-flavor-builder: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| needs: | |
| - build-custom-flavor-builder | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ${{ runner.temp }}/digests | |
| pattern: custom-flavor-builder-digests-* | |
| merge-multiple: true | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }}-custom-flavor-builder | |
| tags: | | |
| type=raw,value=alpha | |
| # type=raw,value=alpha-${{ github.sha }} | |
| - name: Create manifest list and push | |
| working-directory: ${{ runner.temp }}/digests | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf 'ghcr.io/${{ github.repository }}-custom-flavor-builder@sha256:%s ' *) | |
| - name: Inspect image | |
| run: | | |
| docker buildx imagetools inspect ghcr.io/${{ github.repository }}-custom-flavor-builder:${{ steps.meta.outputs.version }} |