Docker #810

	name: Docker

	on:
	push:
	branches:
	- main
	tags:
	- "v..*"
	schedule:
	- cron: "0 21 * * 6"

	jobs:
	build:
	runs-on: ubuntu-latest

	steps:
	- name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: biow0lf/evemonk-sidekiq

	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_HUB_USERNAME }}
	password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Set up Docker Buildx
	id: buildx
	uses: docker/setup-buildx-action@v3

	- name: Build and push
	id: docker_build
	uses: docker/build-push-action@v5
	with:
	pull: true
	push: true
	no-cache: true
	# platforms: linux/amd64,linux/arm64
	platforms: linux/amd64
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

	- name: Image digest
	run: echo ${{ steps.docker_build.outputs.digest }}

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: "docker.io/biow0lf/evemonk-sidekiq:main"
	format: "table"
	exit-code: "1"
	ignore-unfixed: true
	vuln-type: "os,library"
	severity: "CRITICAL,HIGH"

Provide feedback