Skip to content

Commit b3f5d28

Browse files
lucacomeciarams87
authored andcommitted
Use suffix in latest tag, i.e. latest-alpine, don't overwrite latest (#2023)
1 parent 6343708 commit b3f5d28

File tree

1 file changed

+16
-20
lines changed

1 file changed

+16
-20
lines changed

.github/workflows/ci.yml

Lines changed: 16 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -244,20 +244,12 @@ jobs:
244244
runs-on: ubuntu-20.04
245245
needs: build-binaries
246246
strategy:
247-
matrix:
248-
include:
249-
- type: debian
250-
suffix: ''
251-
platforms: linux/arm,linux/arm64,linux/amd64,linux/ppc64le,linux/s390x
252-
- type: alpine
253-
suffix: '-alpine'
254-
platforms: linux/arm,linux/arm64,linux/amd64,linux/ppc64le,linux/s390x
255-
- type: ubi
256-
suffix: '-ubi'
257-
platforms: linux/arm64,linux/amd64
258-
- type: opentracing
259-
suffix: '-ot'
260-
platforms: linux/amd64
247+
matrix:
248+
image: [debian, alpine, opentracing]
249+
platforms: ["linux/arm, linux/arm64, linux/amd64, linux/ppc64le, linux/s390x"]
250+
include:
251+
- image: ubi
252+
platforms: "linux/arm64, linux/amd64"
261253
steps:
262254
- name: Checkout Repository
263255
uses: actions/checkout@v2
@@ -286,12 +278,13 @@ jobs:
286278
uses: docker/metadata-action@v3
287279
with:
288280
images: nginx/nginx-ingress
289-
flavor: suffix=${{ matrix.suffix }}
281+
flavor: suffix=${{ matrix.image != 'debian' && '-' || '' }}${{ matrix.image != 'debian' && matrix.image != 'opentracing' && matrix.image || '' }}${{ matrix.image == 'opentracing' && 'ot' || '' }},onlatest=true
290282
tags: |
291283
type=edge
292284
type=ref,event=pr
293285
type=schedule
294286
type=semver,pattern={{version}}
287+
type=semver,pattern={{major}}.{{minor}}
295288
labels: |
296289
org.opencontainers.image.description=NGINX Ingress Controller for Kubernetes
297290
org.opencontainers.image.documentation=https://docs.nginx.com/nginx-ingress-controller
@@ -324,25 +317,28 @@ jobs:
324317
push: ${{ github.event_name != 'pull_request' }}
325318
pull: true
326319
build-args: |
327-
BUILD_OS=${{ matrix.type }}
320+
BUILD_OS=${{ matrix.image }}
328321
IC_VERSION=${{ steps.var.outputs.ic_version }}
329322
- name: Run Trivy vulnerability scanner
330323
uses: aquasecurity/trivy-action@master
324+
continue-on-error: true
331325
with:
332326
image-ref: nginx/nginx-ingress:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
333327
format: 'template'
334328
template: '@/contrib/sarif.tpl'
335-
output: 'trivy-results-${{ matrix.type }}.sarif'
329+
output: 'trivy-results-${{ matrix.image }}.sarif'
336330
ignore-unfixed: 'true'
337331
- name: Upload Trivy scan results to GitHub Security tab
338332
uses: github/codeql-action/upload-sarif@v1
333+
continue-on-error: true
339334
with:
340-
sarif_file: 'trivy-results-${{ matrix.type }}.sarif'
335+
sarif_file: 'trivy-results-${{ matrix.image }}.sarif'
341336
- name: Upload Scan Results
342337
uses: actions/upload-artifact@v2
338+
continue-on-error: true
343339
with:
344-
name: 'trivy-results-${{ matrix.type }}.sarif'
345-
path: 'trivy-results-${{ matrix.type }}.sarif'
340+
name: 'trivy-results-${{ matrix.image }}.sarif'
341+
path: 'trivy-results-${{ matrix.image }}.sarif'
346342
if: always()
347343

348344
package-helm:

0 commit comments

Comments
 (0)