Update from minimal-workshop, adding new tools, and make commands (#49) #64
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test Security Tools container build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| pull_request: | |
| branches: | |
| - main | |
| - develop | |
| jobs: | |
| build-and-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # This step takes ages (~4-5 min) but frees around 20 additional gigabytes | |
| # that are quite useful when installing and running everything. | |
| - name: Free up some disk space | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: false | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: false | |
| swap-storage: false | |
| docker-images: false | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Load .env file | |
| id: dotenv | |
| uses: xom9ikk/dotenv@v2 | |
| - name: Prepare build args | |
| id: prep | |
| run: | | |
| { | |
| echo 'BUILD_ARGS<<EOF' | |
| while IFS='=' read -r key value; do | |
| if [[ ! -z "$key" && ! "$key" =~ ^# ]]; then | |
| echo "${key}=${value}" | |
| fi | |
| done < .env | |
| echo 'EOF' | |
| } >> $GITHUB_OUTPUT | |
| - name: Build container | |
| uses: docker/build-push-action@v6 | |
| with: | |
| push: false | |
| context: . | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| tags: theredguild/container-sec-tools:latest | |
| build-args: ${{ steps.prep.outputs.BUILD_ARGS }} | |
| - name: Check disk space | |
| run: df -h |