feat: 👷 Update Docker dependencies for Docker actions #1437
Conversation
|
Review changes with SemanticDiff. |
Reviewer's Guide by SourceryThis pull request updates the Docker dependencies and actions in the GitHub workflow file. The changes focus on updating the versions of various Docker-related actions, improving the build and push process, and enhancing the security of the image signing process. File-Level Changes
Tips
|
github-actions
bot
added
the
github-actions
|
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hey @Anselmoo - I've reviewed your changes and they look great!
Here's what I looked at during the review
- 🟡 General issues: 1 issue found
- 🟡 Security: 1 issue found
- 🟢 Testing: all looks good
- 🟢 Complexity: all looks good
- 🟢 Documentation: all looks good
Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.
| platforms: linux/amd64,linux/arm64 | ||
| outputs: type=image,name=target,annotation-index.org.opencontainers.image.description=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.description'] }} | ||
| platforms: linux/amd64,linux/arm/v7,linux/arm64 | ||
| push: true |
There was a problem hiding this comment.
🚨 suggestion (security): Consider the implications of always pushing images
The workflow now pushes images for all events, including PRs. This could potentially expose sensitive information or consume unnecessary resources. Consider adding a condition to push only for specific events or branches.
| push: true | |
| push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} |
| # https://github.com/docker/build-push-action | ||
| - name: Build and push Docker image | ||
| - name: Build and Push container images | ||
| uses: docker/[email protected] |
There was a problem hiding this comment.
suggestion (performance): Re-evaluate the removal of build caching
The cache configuration has been removed from the build step. This could potentially slow down builds significantly. Consider re-implementing caching to improve build performance.
| uses: docker/[email protected] | |
| uses: docker/[email protected] | |
| with: | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1437 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 44 44
Lines 4467 4467
=========================================
Hits 4467 4467
Flags with carried forward coverage won't be shown. Click here to find out more. |
All PR-Submissions:
Pull Requests for the same
update/change?
New ✨✨ Feature-Submissions:
Changes to ⚙️ Core-Features:
us to include them?
Summary by Sourcery
This pull request updates the Docker dependencies and actions in the GitHub workflow for building and pushing Docker images. It includes revisions to the Docker build job, such as setting up QEMU, Docker Buildx, and logging into the GitHub Container Registry. Additionally, it adds steps for signing Docker images using Cosign with GitHub OIDC Token.