Release v1.2.0

- add emoji for security scanning action

- update release.yml

- login to docker/ghcr first, then do hadolint?

- pull debian image manually

- do not delete local docker images?

- replace sklearn with scikit-learn

Author: jakoch

.devcontainer/Dockerfile

@@ -77,7 +77,7 @@ RUN pip3 config --user set global.disable-pip-version-check true && \
     pip3 install --upgrade wheel && \
     pip3 install tensorflow && \
     pip3 install ipykernel docutils jupyter notebook pyyaml pylint h5py && \
-    pip3 install numpy pandas sklearn scipy && \
+    pip3 install numpy pandas scikit-learn scipy && \
     pip3 install matplotlib seaborn pydotplus && \
     pip3 install keras --no-deps && \
     pip3 install opencv-python && \

.github/workflows/release.yml

@@ -26,22 +26,28 @@ jobs:
         uses: jlumbroso/free-disk-space@main # https://github.com/jlumbroso/free-disk-space
         with:
           tool-cache: true
+          docker-images: false
 
       - name: 🤘 Checkout Code
         uses: actions/checkout@v3 # https://github.com/actions/checkout
 
-      - uses: hadolint/hadolint-action@v3.1.0 # https://github.com/hadolint/hadolint-action
-        with:
-          dockerfile: .devcontainer/Dockerfile
-          no-fail: true          
-
       - name: 🔒 Login to Container Registry
         uses: docker/login-action@v2 # https://github.com/docker/login-action
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
+      # https://hub.docker.com/_/debian
+      - name: Pull Debian Slim manually
+        run: |
+          docker pull debian:bookworm-slim
+          
+      - uses: hadolint/hadolint-action@v3.1.0 # https://github.com/hadolint/hadolint-action
+        with:
+          dockerfile: .devcontainer/Dockerfile
+          no-fail: true   
+
       - name: 📝 Versionize
         run: |
           if [[ "$GITHUB_REF" =~ ^refs/tags/v* ]]; then
@@ -65,7 +71,7 @@ jobs:
           docker tag   ghcr.io/${{ github.repository }}:$TAG ghcr.io/${{ github.repository }}:latest
           docker push  ghcr.io/${{ github.repository }}:latest
 
-      - name: Scan Image for Vulnerabilities
+      - name: 🛡️🔍 Scan Image for Vulnerabilities
         uses: aquasecurity/trivy-action@master # https://github.com/aquasecurity/trivy-action
         with:
           image-ref: 'ghcr.io/${{ github.repository }}:latest'
@@ -74,7 +80,7 @@ jobs:
           severity: 'CRITICAL,HIGH'
           ignore-unfixed: true
 
-      - name: Upload scan results to GitHub Security tab
+      - name: 🛡️🔼 Upload scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2 # https://github.com/github/codeql-action
         with:
           sarif_file: 'trivy-results.sarif'