.github/workflows/release.yaml #294

	on:
	workflow_dispatch:
	inputs:
	logLevel:
	description: "Log level"
	required: true
	default: "warning"
	type: choice
	options:
	- info
	- warning
	- debug
	tags:
	description: "Tags"
	required: false
	type: boolean
	release:
	types: [created]

	env:
	DOCKER_IMAGE: lakhansamani/authorizer
	BUILDKIT_INLINE_CACHE: 1

	jobs:
	build:
	name: Build and push Docker image
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	with:
	platforms: linux/amd64,linux/arm64
	- name: Log in to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_USERNAME }}
	password: ${{ secrets.DOCKER_PASSWORD }}
	- name: Build and push
	run: \|
	VERSION=$(basename ${GITHUB_REF})
	docker buildx build \
	--platform linux/amd64,linux/arm64 \
	--push \
	--build-arg VERSION=${VERSION} \
	--cache-from type=registry,ref=${DOCKER_IMAGE}:buildcache \
	--cache-to type=registry,ref=${DOCKER_IMAGE}:buildcache,mode=max \
	-t ${DOCKER_IMAGE}:${VERSION} \
	.

	trivy-scan:
	name: Vulnerability scan (Trivy)
	runs-on: ubuntu-latest
	needs: build
	permissions:
	contents: read
	security-events: write
	steps:
	- name: Run Trivy
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: ${{ env.DOCKER_IMAGE }}:${{ github.ref_name }}
	format: 'sarif'
	output: 'trivy-results.sarif'
	severity: 'CRITICAL,HIGH'
	- name: Upload Trivy results
	uses: github/codeql-action/upload-sarif@v3
	if: always()
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback