fix(ci): build+push image in release flow (#3838)

2026-05-05 03:55:18 +02:00 · 2021-07-29 23:31:46 +05:30
parent 0283c35225
commit 93c89ba0e8
8 changed files with 74 additions and 166 deletions
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -402,73 +402,6 @@ jobs:
      - name: Remove release packages and test artifacts
        run: rm -rf ./release-packages ./test/test-results

-  # Builds both amd64 and arm64 images
-  docker-images:
-    runs-on: ubuntu-latest
-    needs: [package-linux-amd64, package-linux-arm64]
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Download release package
-        uses: actions/download-artifact@v2
-        with:
-          name: release-packages
-          path: ./release-packages
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-
-      - name: Run ./ci/steps/build-docker-image.sh
-        run: ./ci/steps/build-docker-image.sh
-
-      - name: Upload release images
-        uses: actions/upload-artifact@v2
-        with:
-          name: release-images
-          path: ./release-images
-
-  trivy-scan-image:
-    runs-on: ubuntu-20.04
-    needs: docker-images
-    # NOTE@jsjoeio: disabling due to a memory issue upstream
-    # See: https://github.com/github/codeql-action/issues/528
-    if: 1 == 2
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v2
-
-      - name: Download release images
-        uses: actions/download-artifact@v2
-        with:
-          name: release-images
-          path: ./release-images
-
-      - name: Run Trivy vulnerability scanner in image mode
-        # Commit SHA for v0.0.17
-        uses: aquasecurity/trivy-action@9438b49cc3156b2e8c77c1ba8ffbaa3bae24e3c2
-        with:
-          input: "./release-images/code-server-amd64-*.tar"
-          scan-type: "image"
-          ignore-unfixed: true
-          format: "template"
-          template: "@/contrib/sarif.tpl"
-          output: "trivy-image-results.sarif"
-          severity: "HIGH,CRITICAL"
-
-      - name: Debug Trivy SARIF file
-        run: cat trivy-image-results.sarif && ls -l trivy-image-results.sarif
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
-        with:
-          sarif_file: "trivy-image-results.sarif"
-
-  # We have to use two trivy jobs
-  # because GitHub only allows
-  # codeql/upload-sarif action per job
  trivy-scan-repo:
    runs-on: ubuntu-20.04
    steps: