Skip to content

Nightly Builds (develop) #791

Nightly Builds (develop)

Nightly Builds (develop) #791

Workflow file for this run

# Copyright 2022 MONAI Consortium
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Nightly Builds (develop)
on:
schedule:
- cron: '0 7 * * *' # run at 7 AM UTC/12 AM PT
workflow_dispatch:
jobs:
build-and-deploy:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- dockerfile: WorkflowManager.Dockerfile
image: ghcr.io/project-monai/monai-deploy-workflow-manager
- dockerfile: TaskManager.Dockerfile
image: ghcr.io/project-monai/monai-deploy-task-manager
- dockerfile: CallbackApp.Dockerfile
image: ghcr.io/project-monai/monai-deploy-task-manager-callback
env:
REGISTRY: ghcr.io
permissions:
packages: write
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Get Date
id: date
run: echo "::set-output name=date::$(date +'%Y-%m-%d')"
- name: Log in to the Container registry
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/[email protected]
with:
images: ${{ matrix.image }}
tags: |
type=raw,value=develop-latest
type=raw,value=develop-nightly-${{ steps.date.outputs.date }}
- name: Build and Push Container Image for ${{ matrix.feature }}
uses: docker/[email protected]
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
file: ${{ matrix.dockerfile }}
- name: Scan Image with Azure Container Scan
env:
TRIVY_TIMEOUT_SEC: 360s
uses: Azure/[email protected]
with:
image-name: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
- name: Anchore Container Scan
id: anchore-scan
uses: anchore/[email protected]
with:
image: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
fail-build: true
severity-cutoff: critical
- name: Upload Anchore Scan SARIF Report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.anchore-scan.outputs.sarif }}
token: ${{ secrets.GITHUB_TOKEN }}