This repository has been archived by the owner on Sep 18, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Timo Reichl <[email protected]>
- Loading branch information
Timo Reichl
committed
Jun 24, 2022
1 parent
7207d27
commit b2d5081
Showing
3 changed files
with
122 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -27,12 +27,11 @@ jobs: | |
docker-compose build ${docker_base_image_type} | ||
done | ||
for docker_hlds_game in $(ls image/games/hlds); do | ||
docker-compose build ${docker_hlds_game} | ||
done | ||
docker_base_images_egrep=$(echo ${DOCKER_IMAGE_BASE_ORDER} | tr " " "|") | ||
docker_game_images=$(docker-compose config --services | grep -Evw "(${docker_base_images_egrep})" | paste -sd " " -) | ||
for docker_srcds_game in $(ls image/games/srcds); do | ||
docker-compose build ${docker_srcds_game} | ||
for docker_game_image in ${docker_game_images}; do | ||
docker-compose build ${docker_game_image} | ||
done | ||
- name: Trivy CVE scan - base | ||
|
@@ -43,6 +42,14 @@ jobs: | |
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - hlds | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:hlds" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - srcds | ||
uses: aquasecurity/[email protected] | ||
with: | ||
|
@@ -51,10 +58,10 @@ jobs: | |
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - hlds | ||
- name: Trivy CVE scan - games/hlds/hlmp | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:hlds" | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:hlmp" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
@@ -67,18 +74,50 @@ jobs: | |
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/bms | ||
- name: Trivy CVE scan - games/hlds/czero | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:bms" | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:czero" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/csgo | ||
- name: Trivy CVE scan - games/hlds/dod | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:csgo" | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:dod" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/hlds/dmc | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:dmc" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/hlds/op4 | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:op4" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/hlds/tfc | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:tfc" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/bms | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:bms" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
@@ -91,6 +130,14 @@ jobs: | |
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/csgo | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:csgo" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/dods | ||
uses: aquasecurity/[email protected] | ||
with: | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -24,10 +24,15 @@ jobs: | |
|
||
- name: Build all images | ||
run: | | ||
docker_image_types="${DOCKER_IMAGE_BASE_ORDER} $(ls image/games/hlds) $(ls image/games/srcds)" | ||
for docker_base_image_type in ${DOCKER_IMAGE_BASE_ORDER}; do | ||
docker-compose build ${docker_base_image_type} | ||
done | ||
for docker_image_type in ${docker_image_types}; do | ||
docker-compose build ${docker_image_type} | ||
docker_base_images_egrep=$(echo ${DOCKER_IMAGE_BASE_ORDER} | tr " " "|") | ||
docker_game_images=$(docker-compose config --services | grep -Evw "(${docker_base_images_egrep})" | paste -sd " " -) | ||
for docker_game_image in ${docker_game_images}; do | ||
docker-compose build ${docker_game_image} | ||
done | ||
- name: Trivy CVE scan - base | ||
|
@@ -38,6 +43,14 @@ jobs: | |
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - hlds | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:hlds" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - srcds | ||
uses: aquasecurity/[email protected] | ||
with: | ||
|
@@ -46,10 +59,10 @@ jobs: | |
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - hlds | ||
- name: Trivy CVE scan - games/hlds/hlmp | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:hlds" | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:hlmp" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
@@ -62,18 +75,50 @@ jobs: | |
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/bms | ||
- name: Trivy CVE scan - games/hlds/czero | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:bms" | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:czero" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/csgo | ||
- name: Trivy CVE scan - games/hlds/dod | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:csgo" | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:dod" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/hlds/dmc | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:dmc" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/hlds/op4 | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:op4" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/hlds/tfc | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:tfc" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/bms | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:bms" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
@@ -86,6 +131,14 @@ jobs: | |
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/csgo | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: "${{ env.REGISTRY_IMAGE }}:csgo" | ||
format: 'table' | ||
exit-code: '1' | ||
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | ||
|
||
- name: Trivy CVE scan - games/srcds/dods | ||
uses: aquasecurity/[email protected] | ||
with: | ||
|
@@ -141,7 +194,7 @@ jobs: | |
|
||
- name: Push latest images to registries | ||
run: | | ||
docker_image_types="${DOCKER_IMAGE_BASE_ORDER} $(ls image/games/hlds) $(ls image/games/srcds)" | ||
docker_image_types=$(docker-compose config --services | paste -sd " " -) | ||
for docker_image_type in ${docker_image_types}; do | ||
docker tag ${REGISTRY_IMAGE}:${docker_image_type} ${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_image_type}-latest | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters