Skip to content

Add Rocky Linux 8.10 and 9.5; also add Fedora 41 #111

Add Rocky Linux 8.10 and 9.5; also add Fedora 41

Add Rocky Linux 8.10 and 9.5; also add Fedora 41 #111

name: Anchore-Container-Scan
# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the master branch
push:
branches: [ master ]
pull_request:
branches: [ master ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
scan:
# The type of runner that the job will run on
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
FROM:
- 'ubuntu:noble'
- 'ubuntu:jammy'
- 'ubuntu:focal'
- 'linuxmintd/mint22-amd64'
- 'linuxmintd/mint21.3-amd64'
- 'linuxmintd/mint21.2-amd64'
- 'linuxmintd/mint21.1-amd64'
- 'linuxmintd/mint21-amd64'
- 'linuxmintd/mint20-amd64'
- 'debian:bookworm'
- 'debian:bullseye'
- 'opensuse/leap:15.6'
- 'opensuse/leap:15.5'
- 'opensuse/leap:15.4'
- 'opensuse/leap:15.3'
- 'opensuse/leap:15.2'
- 'fedora:41'
- 'fedora:40'
- 'fedora:39'
- 'rockylinux/rockylinux:9.5'
- 'rockylinux/rockylinux:9.4'
- 'rockylinux/rockylinux:8.10'
- 'manjarolinux/base'
- 'funtoo/stage3-generic_64'
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 2
submodules: false
# - name: Run CI
# env:
# FROM: ${{ matrix.FROM }}
# MY_OS_NAME: linux
# IS_RELEASE: 0
# run: script/cibuild
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb #v3.3.0
env:
FROM: ${{ matrix.FROM }}
MY_OS_NAME: linux
IS_RELEASE: 0
- name: build local container
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 #v5.3.0
env:
FROM: ${{ matrix.FROM }}
MY_OS_NAME: linux
IS_RELEASE: 0
with:
build-args: from=${{ matrix.FROM }}
tags: localbuild/${{ matrix.FROM }}
push: false
load: true
- name: Scan image
uses: anchore/scan-action@3343887d815d7b07465f6fdcd395bd66508d486a #v3.6.4
with:
image: "localbuild/${{ matrix.FROM }}"
fail-build: false
severity-cutoff: critical