push image to ghcr.io

Author: dlinsley

.github/build-image.yml

@@ -0,0 +1,33 @@
+name: Create and publish image
+on:
+  push:
+    branches: ['main']
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
+
+    steps:
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push Docker image
+        id: push
+        uses: docker/build-push-action@v6
+        with:
+          context: "{{defaultContext:images}}"
+          file: slingshot-scanner
+          push: true
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest

images/slingshot-scanner

@@ -1,19 +1,21 @@
-FROM anchore/grype:v0.65.2 as grype
-FROM anchore/syft:v0.87.1 as syft
-FROM harbor-repo.vmware.com/dockerhub-proxy-cache/paketobuildpacks/builder-jammy-buildpackless-tiny:0.0.85
+FROM anchore/grype:v0.73.5 AS grype
+FROM anchore/syft:v0.99.0 AS syft
+FROM paketobuildpacks/builder-jammy-buildpackless-tiny:latest
 
 USER root
 RUN apt-get update && apt-get -y --no-install-recommends install \
     bash \
     curl \
     vim \
+    unzip \
+    zip \
+    file \
+    jq \
   && true
+# Upgrade all packages
+RUN apt-get upgrade -y
 
 COPY --from=grype /grype /usr/local/bin/grype
 COPY --from=syft /syft /usr/local/bin/syft
 
-RUN grype version
-RUN syft version
-
-# Upgrade all packages
-RUN apt-get upgrade -y
+LABEL org.opencontainers.image.source=https://github.com/cloudfoundry-incubator/concourse-cve-scan