@@ -226,7 +226,19 @@ jobs:
226226 labels : ${{ steps.meta.outputs.labels }}
227227 cache-to : type=registry,ref=${{ env.BASE_IMAGE }}:cache
228228 cache-from : type=registry,ref=${{ env.BASE_IMAGE }}:cache,mode=max
229+ - name : Validate Container Image
230+ if : ${{ steps.bump-version.outputs.is-dryrun-version-bumped == 'true' }}
231+ run : |
232+ docker run -d -p 8080:8080 ${{ env.BASE_IMAGE }}:${{ steps.bump-version.outputs.bump-version }}
233+ sleep 5 # Wait for container to start
234+ HEALTH_STATUS=$(curl -s http://localhost:8080/companieshouse/actuator/health | jq -r '.status')
235+ if [ "$HEALTH_STATUS" != "UP" ]; then
236+ echo "Health check failed. Status: $HEALTH_STATUS"
237+ exit 1
238+ fi
239+ echo "Health check passed. Status: $HEALTH_STATUS"
229240name : Scan Image
241+ if : ${{ steps.bump-version.outputs.is-dryrun-version-bumped == 'true' }}
230242 uses :
aquasecurity/[email protected] 231243 with :
232244 versin : 0.66.0
@@ -236,17 +248,10 @@ jobs:
236248 ignore-unfixed : true
237249 vuln-type : ' os,library'
238250 scanners : ' vuln,secret,misconfig'
239- - name : Validate Container Image
240- run : |
241- docker run -d -p 8080:8080 ${{ steps.meta.outputs.tags }}
242- sleep 5 # Wait for container to start
243- HEALTH_STATUS=$(curl -s http://localhost:8080/companieshouse/actuator/health | jq -r '.status')
244- if [ "$HEALTH_STATUS" != "UP" ]; then
245- echo "Health check failed. Status: $HEALTH_STATUS"
246- exit 1
247- fi
248- echo "Health check passed. Status: $HEALTH_STATUS"
251+ env :
252+ TRIVY_SKIP_VERSION_CHECK : true
249253 - name : Re-Build & Push Image
254+ if : ${{ steps.bump-version.outputs.is-dryrun-version-bumped == 'true' }}
250255 uses : docker/build-push-action@v6
251256 with :
252257 push : true
0 commit comments