Skip to content

A shorthand GitHub Action for building Docker and pushing to ghcr.io and other repositories. An smaller alternative to combining qemu and other steps.

License

Notifications You must be signed in to change notification settings

meysam81/build-docker

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

build-docker

A GitHub composite action that simplifies Docker image building, pushing, and scanning. It combines Docker build, push, metadata handling, Scout scanning, and Kubescape security analysis into a single action.

Features

  • Multi-platform builds (amd64/arm64)
  • GitHub Container Registry integration
  • Docker Hub support
  • Docker Scout vulnerability scanning
  • Kubescape security analysis
  • GitHub cache optimization
  • SARIF report generation

Usage

- uses: meysam81/build-docker@v1
  with:
    image-name: ghcr.io/${{ github.repository }} # e.g. ghrc.io/octocat/hello-world

Inputs

Name Description Required Default
image-name Image name (including registry path) Yes -
github-token GitHub token for authentication Yes ${{ github.token }}
build-args Docker build arguments No ""
context Build context path No .
dockerhub-username Docker Hub username (required when scout-cves or scout-compare is enabled) No ""
dockerhub-password Docker Hub password (required when scout-cves or scout-compare is enabled) No ""
image-extra-tags Additional image tags No ""
image-target Multi-stage build target No ""
platforms Build platforms No linux/amd64,linux/arm64
push Push to registry (requires packages: write) No true
ref Git ref to checkout No ${{ github.ref }}
runner GitHub runner to use No ubuntu-latest
scout-compare Enable Docker Scout comparison No false
scout-comment-pr Add Scout results as PR comment (only in pull requests) No false
scout-cves Enable Docker Scout CVE scanning No false
kubescape Enable Kubescape scanning No false
kubescape-upload-sarif Upload Kubescape SARIF results to GitHub Security (requires security-events: write) No false

Outputs

Name Description
digest Image content-addressable digest
imageid Built image ID
metadata Build result metadata

Example

name: ci

on:
  push:
    branches:
      - main

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: meysam81/build-docker@v1
        with:
          image-name: ghcr.io/${{ github.repository }}
          image-extra-tags: |
            ghcr.io/${{ github.repository }}:${{ github.run_id }}
          kubescape: true
          kubescape-upload-sarif: true