zabbix-docker/.github/workflows/dockerhub_description.yml
2024-02-16 19:17:11 +09:00

71 lines
1.9 KiB
YAML

name: DockerHub Description
on:
push:
branches:
- 'trunk'
paths:
- 'Dockerfiles/*/README.md'
- '.github/workflows/dockerhub_description.yml'
workflow_dispatch:
env:
DOCKER_REPOSITORY: "zabbix"
IMAGES_PREFIX: "zabbix-"
DOCKERFILES_DIRECTORY: "./Dockerfiles"
permissions:
contents: read
jobs:
main:
name: Update description
runs-on: ubuntu-latest
env:
DOCKER_REPOSITORY: "zabbix"
permissions:
contents: read
strategy:
fail-fast: false
matrix:
component:
- build-base
- build-mysql
- build-pgsql
- build-sqlite3
- agent
- agent2
- java-gateway
- proxy-mysql
- proxy-sqlite3
- server-mysql
- server-pgsql
- snmptraps
- web-apache-mysql
- web-apache-pgsql
- web-nginx-mysql
- web-nginx-pgsql
- web-service
steps:
- name: Block egress traffic
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
github.com:443
hub.docker.com:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 1
- name: Update DockerHub repo description (zabbix-${{ matrix.component }})
uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
repository: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGES_PREFIX }}${{ matrix.component }}
readme-filepath: ${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.component }}/README.md