goss-org · aelsabbahy · Nov 21, 2024 · Nov 16, 2024
@@ -1,110 +1,110 @@
-name: Docker image for Goss
-
-on:
-  push:
-    branches:
-      - master
-    tags:
-      - "v*"
-  workflow_dispatch:
-
-env:
-  PLATFORMS: "linux/amd64,linux/arm64"
-
-jobs:
-  goss:
-    name: Build and push Docker image
-    runs-on: ubuntu-latest
-    permissions:
-      packages: write
-      contents: read
-      security-events: write # To upload Trivy sarif files
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Login to GHCR
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: |
-            ghcr.io/${{ github.repository_owner }}/goss
-
-      - name: Get latest git tag
-        if: github.ref_name == 'master'
-        id: get-latest-tag
-        run: |
-          # source: https://github.com/actions-ecosystem/action-get-latest-tag/blob/main/entrypoint.sh
-          set -e
-          git config --global --add safe.directory /github/workspace
-          git fetch --tags --force
-          # This suppress an error occurred when the repository is a complete one.
-          git fetch --prune --unshallow 2>/dev/null || true
-          latest_tag=$(git describe --abbrev=0 --tags || true)
-          echo "tag=${latest_tag}" >> "$GITHUB_OUTPUT"
-          echo "Latest tag: $latest_tag"
-
-      - name: Set short git commit SHA
-        if: github.ref_name == 'master'
-        run: |
-          calculatedSha=$(git rev-parse --short ${{ github.sha }})
-          echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV
-          echo "COMMIT_SHORT_SHA: $calculatedSha"
-
-      - name: Get the current version of Go from project.
-        run: echo "GO_VERSION_FROM_PROJECT=$(go mod edit -json | jq -r .Go)" >> $GITHUB_ENV
-
-      - name: Build master goss image
-        if: github.ref_name == 'master'
-        uses: docker/build-push-action@v6
-        with:
-          build-args: |
-            GO_VERSION=${{ env.GO_VERSION_FROM_PROJECT }}
-            GOSS_VERSION=${{ steps.get-latest-tag.outputs.tag }}-${{ github.ref_name }}+${{ env.COMMIT_SHORT_SHA }}
-          context: .
-          push: true
-          tags: |
-            ghcr.io/${{ github.repository_owner }}/goss:master
-          labels: ${{ steps.meta.outputs.labels }}
-          platforms: ${{ env.PLATFORMS }}
-
-      - name: Build release goss image
-        if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
-        uses: docker/build-push-action@v6
-        with:
-          build-args: |
-            GO_VERSION=${{ env.GO_VERSION_FROM_PROJECT }}
-            GOSS_VERSION=${{ github.ref_name }}
-          context: .
-          push: true
-          tags: |
-            ghcr.io/${{ github.repository_owner }}/goss:latest
-            ghcr.io/${{ github.repository_owner }}/goss:${{ github.ref_name }}
-          labels: ${{ steps.meta.outputs.labels }}
-          platforms: ${{ env.PLATFORMS }}
-
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/[email protected]
-        with:
-          image-ref: ghcr.io/${{ github.repository_owner }}/goss:master
-          format: "sarif"
-          output: "trivy-results.sarif"
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: "trivy-results.sarif"
+name: Docker image for Goss
+
+on:
+  push:
+    branches:
+      - master
+    tags:
+      - "v*"
+  workflow_dispatch:
+
+env:
+  PLATFORMS: "linux/amd64,linux/arm64"
+
+jobs:
+  goss:
+    name: Build and push Docker image
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+      security-events: write # To upload Trivy sarif files
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ghcr.io/${{ github.repository_owner }}/goss
+
+      - name: Get latest git tag
+        if: github.ref_name == 'master'
+        id: get-latest-tag
+        run: |
+          # source: https://github.com/actions-ecosystem/action-get-latest-tag/blob/main/entrypoint.sh
+          set -e
+          git config --global --add safe.directory /github/workspace
+          git fetch --tags --force
+          # This suppress an error occurred when the repository is a complete one.
+          git fetch --prune --unshallow 2>/dev/null || true
+          latest_tag=$(git describe --abbrev=0 --tags || true)
+          echo "tag=${latest_tag}" >> "$GITHUB_OUTPUT"
+          echo "Latest tag: $latest_tag"
+
+      - name: Set short git commit SHA
+        if: github.ref_name == 'master'
+        run: |
+          calculatedSha=$(git rev-parse --short ${{ github.sha }})
+          echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV
+          echo "COMMIT_SHORT_SHA: $calculatedSha"
+
+      - name: Get the current version of Go from project.
+        run: echo "GO_VERSION_FROM_PROJECT=$(go mod edit -json | jq -r .Go)" >> $GITHUB_ENV
+
+      - name: Build master goss image
+        if: github.ref_name == 'master'
+        uses: docker/build-push-action@v6
+        with:
+          build-args: |
+            GO_VERSION=${{ env.GO_VERSION_FROM_PROJECT }}
+            GOSS_VERSION=${{ steps.get-latest-tag.outputs.tag }}-${{ github.ref_name }}+${{ env.COMMIT_SHORT_SHA }}
+          context: .
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/goss:master
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: ${{ env.PLATFORMS }}
+
+      - name: Build release goss image
+        if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
+        uses: docker/build-push-action@v6
+        with:
+          build-args: |
+            GO_VERSION=${{ env.GO_VERSION_FROM_PROJECT }}
+            GOSS_VERSION=${{ github.ref_name }}
+          context: .
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/goss:latest
+            ghcr.io/${{ github.repository_owner }}/goss:${{ github.ref_name }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: ${{ env.PLATFORMS }}
+
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/[email protected]
+        with:
+          image-ref: ghcr.io/${{ github.repository_owner }}/goss:master
+          format: "sarif"
+          output: "trivy-results.sarif"
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "trivy-results.sarif"