mirrors/PairDrop
1
0
Fork 0
mirror of https://github.com/schlagmichdoch/PairDrop.git synced 2025-04-20 15:06:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Increase repo security by pinning actions to a commit SHA.

Browse source
This commit is contained in:
schlagmichdoch 2023-12-06 09:53:33 +01:00
parent d6e1ddb265
commit 56a258a33f
2 changed files with 20 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

13
.github/workflows/docker-image.yml vendored
View file

@ -1,3 +1,14 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# GitHub recommends pinning actions to a commit SHA.
# To get a newer version, you will need to update the SHA.
# You can also reference a tag or branch, but the action may change without warning.
# Build a Docker image whenever it is pushed to master
name: Docker Image CI name: Docker Image CI
on: on:
@ -13,6 +24,6 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Build the Docker image - name: Build the Docker image
run: docker build --pull . -f Dockerfile -t pairdrop run: docker build --pull . -f Dockerfile -t pairdrop

14
.github/workflows/github-image.yml vendored
View file

@ -7,6 +7,8 @@
# To get a newer version, you will need to update the SHA. # To get a newer version, you will need to update the SHA.
# You can also reference a tag or branch, but the action may change without warning. # You can also reference a tag or branch, but the action may change without warning.
# Create a Docker image and push it to ghcr.io whenever a new version tag is pushed
name: GHCR Image CI name: GHCR Image CI
on: on:
@ -27,16 +29,16 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v3 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Setup qemu - name: Setup qemu
uses: docker/setup-qemu-action@v2.1.0 uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
- name: Setup Docker Buildx - name: Setup Docker Buildx
uses: docker/setup-buildx-action@v2.5.0 uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
- name: Log in to the Container registry - name: Log in to the Container registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with: with:
registry: ${{ env.REGISTRY }} registry: ${{ env.REGISTRY }}
username: ${{ github.actor }} username: ${{ github.actor }}
@ -44,12 +46,12 @@ jobs:
- name: Extract metadata (tags, labels) for Docker - name: Extract metadata (tags, labels) for Docker
id: meta id: meta
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 uses: docker/metadata-action@31cebacef4805868f9ce9a0cb03ee36c32df2ac4 # v5.3.0
with: with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and push Docker image - name: Build and push Docker image
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with: with:
context: . context: .
platforms: linux/amd64,linux/arm64 platforms: linux/amd64,linux/arm64