Rebuild master docker image #122

Summary
Jobs
- Build
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/build-no-cache.yml at fb59002

	name: Rebuild master docker image
	on:
	workflow_dispatch:

	schedule:
	- cron: '0 12 * * 0'

	jobs:
	build:
	name: Build
	runs-on: ubuntu-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: set-up-environment
	uses: DFE-Digital/github-actions/set-up-environment@master

	- uses: Azure/login@v2
	with:
	creds: ${{ secrets.AZURE_CREDENTIALS_REVIEW }}

	- name: Fetch secrets from key vault
	uses: azure/CLI@v2
	id: keyvault-yaml-secret
	with:
	inlineScript: \|
	SLACK_WEBHOOK=$(az keyvault secret show --name "SLACK-WEBHOOK" --vault-name "${{ secrets.KEY_VAULT_REVIEW }}" --query "value" -o tsv)
	echo "::add-mask::$SLACK_WEBHOOK"
	echo "SLACK_WEBHOOK=$SLACK_WEBHOOK" >> $GITHUB_OUTPUT
	SNYK_TOKEN=$(az keyvault secret show --name "SNYK-TOKEN" --vault-name "${{ secrets.KEY_VAULT_REVIEW }}" --query "value" -o tsv)
	echo "::add-mask::$SNYK_TOKEN"
	echo "SNYK_TOKEN=$SNYK_TOKEN" >> $GITHUB_OUTPUT

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@master

	- name: Get Short SHA
	id: sha
	run: echo "short=$(echo $GITHUB_SHA \| cut -c -7)" >> $GITHUB_OUTPUT

	- name: Login to GitHub Container Repository
	uses: docker/login-action@v3.2.0
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Build and push base image
	uses: docker/build-push-action@v5
	with:
	context: .
	tags: ${{ env.DOCKER_REPOSITORY }}:base-master
	push: true
	target: base
	build-args: \|
	SHA=${{ steps.sha.outputs.short }}

	- name: Build release image locally
	uses: docker/build-push-action@v5
	with:
	context: .
	tags: ${{ env.DOCKER_REPOSITORY }}:master
	push: false
	load: true
	build-args: \|
	SHA=${{ steps.sha.outputs.short }}

	- name: Run Snyk to check Docker image for vulnerabilities
	uses: snyk/actions/docker@master
	env:
	SNYK_TOKEN: ${{ steps.keyvault-yaml-secret.outputs.SNYK_TOKEN }}
	with:
	image: ${{ env.DOCKER_REPOSITORY }}:master
	args: --severity-threshold=high --file=Dockerfile

	- name: Push image to registry
	if: success()
	run: docker image push --all-tags ${{ env.DOCKER_REPOSITORY }}

	- name: Slack Notification
	if: failure() && github.ref == 'refs/heads/master'
	uses: rtCamp/action-slack-notify@master
	env:
	SLACK_COLOR: ${{ env.SLACK_ERROR }}
	SLACK_MESSAGE: 'There has been a failure building the application'
	SLACK_TITLE: 'Failure Building Application'
	SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK_WEBHOOK }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Rebuild master docker image #122

Workflow file

Rebuild master docker image #122

Jobs

Run details

Workflow file for this run