akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

Fix build pipeline platform and Trivy issues

Browse Source 
Fixed two critical build failures:

1. Platform Selection Bug:
   - Fixed operator precedence issue in platform conditional
   - Was evaluating to boolean 'true' instead of platform string
   - Changed: platforms: ${{ ... || ... && 'linux/amd64' || ... }}
   - To: platforms: ${{ (... || ...) && 'linux/amd64' || ... }}
   - Now correctly uses linux/amd64 for PRs, linux/amd64,linux/arm64 for releases

2. Trivy Multiple Tags Issue:
   - Trivy was receiving multiple tags separated by newlines
   - Added step to extract first tag from metadata output
   - Trivy now scans using single tag reference
   - Prevents "multiple targets cannot be specified" error

Both PRs and production builds should now complete successfully.
This commit is contained in:
Claude
2025-11-04 21:40:02 +00:00
parent 6dc27cb813
commit 9949240789
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
.github/workflows/docker-build.yml vendored
View File

@@ -106,14 +106,22 @@ jobs:
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: ${{ github.event_name == 'pull_request' || github.event_name == 'pull_request_target' && 'linux/amd64' || 'linux/amd64,linux/arm64' }}
platforms: ${{ (github.event_name == 'pull_request' || github.event_name == 'pull_request_target') && 'linux/amd64' || 'linux/amd64,linux/arm64' }}
sbom: true
provenance: true
- name: Extract first tag for Trivy
id: trivy-tag
run: |
# Extract the first tag from the metadata output
FIRST_TAG=$(echo "${{ steps.meta.outputs.tags }}" | head -n 1)
echo "tag=$FIRST_TAG" >> $GITHUB_OUTPUT
echo "Using tag for Trivy: $FIRST_TAG"
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@0.24.0
with:
image-ref: ${{ steps.meta.outputs.tags }}
image-ref: ${{ steps.trivy-tag.outputs.tag }}
format: 'sarif'
output: 'trivy-results-${{ matrix.service }}.sarif'
severity: 'CRITICAL,HIGH'
@@ -130,6 +138,6 @@ jobs:
if: always()
uses: aquasecurity/trivy-action@0.24.0
with:
image-ref: ${{ steps.meta.outputs.tags }}
image-ref: ${{ steps.trivy-tag.outputs.tag }}
format: 'table'
severity: 'CRITICAL,HIGH,MEDIUM'