docker-pipeline

Author: Svetoslavss

.github/workflows/docker-pipeline.yml

@@ -22,25 +22,10 @@ jobs:
         key: ${{ runner.os }}-docker-${{ hashFiles('**/Dockerfile') }}
         restore-keys: |
           ${{ runner.os }}-docker-
-    - name: Build the Docker image
-      run: docker build . --file Dockerfile --tag my-image-name:$(date +%s)
+    - name: Build demo-app Docker image
+      run: docker build . --file Dockerfile --tag demo-app:latest
+    - name: Pull postgres:15-alpine Docker image
+      run: docker pull postgres:15-alpine
 
-  security_test:
-    runs-on: ubuntu-latest
-    needs: docker_build
-
-    steps:
-    - name: Check code
-      uses: actions/checkout@v4
-
-    - name: Install Trivy
-      run: |
-        curl -sfL https://github.com/aquasecurity/trivy/releases/download/v0.35.0/trivy_0.35.0_Linux-64bit.deb -o trivy.deb
-        sudo dpkg -i trivy.deb
-
-    - name: Scan demo-app Docker image for vulnerabilities
-      run: trivy image --exit-code 1 --no-progress demo-app:$(date +%s)
 
-    - name: Scan postgres:15-alpine Docker image for vulnerabilities
-      run: trivy image --exit-code 1 --no-progress postgres:15-alpine