docker-flutter-sdk/.gitea/workflows/scout.yaml
Mathias Beaulieu-Duncan 8d48dcc5fd Initial minimal Flutter SDK image for web/WASM CI builds
- Dockerfile based on debian:bookworm-slim with web-only Flutter SDK
- Release pipeline with Docker Scout CVE scan, SBOM, and provenance
- Scout PR pipeline with check-image gate
- Daily update-check pipeline that auto-creates releases for new
  Flutter stable versions via Gitea API

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-02 00:39:04 -05:00


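# Docker Scout PR gate: rebuild the image for the pull request (amd64 only,
# never pushed) and diff its CVE exposure against the published :latest tag.
# The compare job is skipped entirely when no :latest exists yet (first
# release), because there is nothing to compare against.
---
name: Docker Scout Analysis

# NOTE(review): these jobs run with registry credentials on pull_request
# events; confirm the runner does not hand secrets to untrusted PR sources.
on:  # yamllint disable-line rule:truthy
  pull_request:
    branches: ["**"]

# Least privilege: the steps below only check out code and talk to the
# registry; no step comments on or edits the pull request, so the token
# does not need pull-request write access.
permissions:
  contents: read

env:
  IMAGE_NAME: gpb-flutter-sdk-web

jobs:
  # Gate: is there a baseline :latest image to compare against?
  check-image:
    runs-on: ubuntu-latest
    outputs:
      image_exists: ${{ steps.check.outputs.exists }}
    steps:
      - name: Log in to DockerHub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_SVRNTY_USERNAME }}
          password: ${{ secrets.DOCKERHUB_SVRNTY_ACCESS_TOKEN }}

      - name: Check if latest image exists
        id: check
        # `docker manifest inspect` exits non-zero when the tag is missing;
        # that exit status is the signal, so its output is discarded and the
        # step itself never fails.
        run: |
          if docker manifest inspect ${{ vars.REGISTRY }}/${{ env.IMAGE_NAME }}:latest > /dev/null 2>&1; then
            echo "exists=true" >> "$GITHUB_OUTPUT"
            echo "Latest image found, Scout compare will run"
          else
            echo "exists=false" >> "$GITHUB_OUTPUT"
            echo "No latest image found, skipping Scout compare (nothing to compare against)"
          fi

  # Build the PR image locally and compare it with :latest for changes in
  # critical/high CVEs.
  scout-amd64:
    runs-on: ubuntu-latest
    needs: check-image
    # Job outputs are passed as strings, hence the literal 'true'.
    if: needs.check-image.outputs.image_exists == 'true'
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to DockerHub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_SVRNTY_USERNAME }}
          password: ${{ secrets.DOCKERHUB_SVRNTY_ACCESS_TOKEN }}

      - name: Build amd64 image
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64
          # push: false + load: true keeps the image on the runner only; the
          # pr-<number> tag exists so `docker scout` can address it.
          push: false
          load: true
          tags: ${{ vars.REGISTRY }}/${{ env.IMAGE_NAME }}:pr-${{ github.event.pull_request.number }}-amd64

      - name: Install Docker Scout
        # NOTE(review): the installer is fetched from a mutable branch (main)
        # and executed without a checksum; pin to a tagged release and verify
        # the download before running it. Actions above are also referenced
        # by mutable major tags rather than commit SHAs.
        run: |
          curl -fsSL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh -o install-scout.sh
          sh install-scout.sh

      - name: Docker Scout Compare (amd64)
        # Reports only added/removed critical and high findings. Without
        # --exit-code this step is informational and never fails the PR.
        run: |
          docker scout compare \
            ${{ vars.REGISTRY }}/${{ env.IMAGE_NAME }}:pr-${{ github.event.pull_request.number }}-amd64 \
            --to ${{ vars.REGISTRY }}/${{ env.IMAGE_NAME }}:latest \
            --ignore-unchanged \
            --only-severity critical,high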