hangpersonal/Gitea_Action_Test
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add .gitea/workflows/*.yaml

Browse Source
This commit is contained in:
Hang Cui
2025-10-18 00:35:31 -07:00
parent 0638a82a8d
commit c5a76614f4
1 changed files with 5 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
.gitea/workflows/010_ci_docker_image.yaml
View File

@@ -15,10 +15,10 @@ jobs:
steps: steps:
- name: Checkout source code - name: Checkout source code
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Install Python 3.10.12 - name: Install Python 3.10
uses: actions/setup-python@v4 uses: actions/setup-python@v4
with: with:
python-version: '3.10.12' python-version: '3.10'
- name: Install tox - name: Install tox
run: pip install tox run: pip install tox
- name: Run lint - name: Run lint
@@ -31,10 +31,10 @@ jobs:
steps: steps:
- name: Checkout source code - name: Checkout source code
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Install Python 3.10.12 - name: Install Python 3.10
uses: actions/setup-python@v4 uses: actions/setup-python@v4
with: with:
python-version: '3.10.12' python-version: '3.10'
- name: Install tox - name: Install tox
run: pip install tox run: pip install tox
- name: Run unit tests - name: Run unit tests
@@ -78,35 +78,7 @@ jobs:
run: | run: |
docker load --input /tmp/image.tar docker load --input /tmp/image.tar
docker image ls -a docker image ls -a
docker run -p 8080:80 -d ${{ vars.IMAGE }}:${{ inputs.image-tag }} docker run --rm ${{ vars.IMAGE }}:${{ inputs.image-tag }}
sleep 5
curl --fail 'http://localhost:8080/'
vulnerability-scan:
runs-on: ubuntu-22.04
needs: [build-image]
steps:
- name: Download artifact
uses: actions/download-artifact@v3
with:
name: image
path: /tmp
- name: Load image
run: |
docker load --input /tmp/image.tar
docker image ls -a
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ vars.IMAGE }}:${{ inputs.image-tag }}
format: 'json'
output: 'trivy-results.json'
severity: 'CRITICAL,HIGH'
- name: Upload results
uses: actions/upload-artifact@v3
with:
name: trivy-results
path: ${{ github.workspace }}/trivy-results.json
publish-image: publish-image:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04