Commit graph

65 commits

Author SHA1 Message Date
dependabot[bot]
8d911cbd2a
Bump zaproxy/action-full-scan from 0.11.0 to 0.12.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-22 05:52:09 +00:00
dependabot[bot]
e7959a773f
Bump zaproxy/action-full-scan from 0.10.0 to 0.11.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-26 05:13:24 +00:00
dependabot[bot]
ff3d32df0f
Bump zaproxy/action-full-scan from 0.9.0 to 0.10.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.9.0 to 0.10.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.9.0...v0.10.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-03 05:11:49 +00:00
dependabot[bot]
f3feea065e
Bump zaproxy/action-full-scan from 0.8.0 to 0.9.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-26 05:40:46 +00:00
dependabot[bot]
03d37db311
Bump github/codeql-action from 2 to 3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-14 05:42:54 +00:00
El RIDO
d8412a1a04
enable building on s390 arch 2023-12-09 13:51:56 +01:00
rugk
545a6dfd3a
Simplify if condition by using startsWith
Should now be equivalent to the previous one.
2023-11-18 17:15:07 +01:00
rugk
ac988f2a24
Simplify if condition in build script
The if condition likely was wrongly inverted (it said it would run if the branch was _not_ master).
Also it's kinda useless anyway, as the trigger definitions above (in `on`) already restrict the branches.
2023-11-03 12:01:24 +01:00
dependabot[bot]
a96d9b8928
Bump zaproxy/action-full-scan from 0.7.0 to 0.8.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-01 05:41:43 +00:00
dependabot[bot]
10f3a04035
Bump docker/setup-buildx-action from 2 to 3
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-14 03:34:59 +00:00
El RIDO
63992f5912
Merge pull request #170 from PrivateBin/dependabot/github_actions/docker/login-action-3
Bump docker/login-action from 2 to 3
2023-09-14 05:33:54 +02:00
dependabot[bot]
050c2d3ecf
Bump docker/login-action from 2 to 3
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-13 05:50:03 +00:00
dependabot[bot]
8844becb94
Bump docker/setup-qemu-action from 2 to 3
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-13 05:49:59 +00:00
dependabot[bot]
b86422ee08
Bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 05:22:36 +00:00
dependabot[bot]
0b75c21acc
Bump zaproxy/action-full-scan from 0.6.0 to 0.7.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-25 05:33:54 +00:00
dependabot[bot]
d53e4c4c20
Bump zaproxy/action-full-scan from 0.5.1 to 0.6.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.5.1 to 0.6.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.5.1...v0.6.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-03 05:17:28 +00:00
dependabot[bot]
04ba547811
Bump zaproxy/action-full-scan from 0.5.0 to 0.5.1
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.5.0 to 0.5.1.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.5.0...v0.5.1)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-06 05:35:47 +00:00
dependabot[bot]
ae587775e7
Bump zaproxy/action-full-scan from 0.4.0 to 0.5.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-30 05:15:44 +00:00
El RIDO
9697dae1c1 bump version of base image for Trivy 2023-04-28 05:51:14 +02:00
Zoey
faf187d7d5
change username 2023-02-24 21:31:38 +01:00
Zoey
0657826ac5
Fix conditions 2023-02-23 23:24:54 +01:00
Zoey
b75bc80c4b
Update build-images.yml 2023-02-23 23:00:28 +01:00
rugk
3b95078242
Also run Shellcheck on PRs 2022-12-30 18:34:47 +01:00
rugk
2f74b91d21
Add Shellcheck GitHub action
Noticed as missing in https://github.com/PrivateBin/docker-nginx-fpm-alpine/pull/128 and thus added.
2022-12-30 18:32:52 +01:00
El RIDO
498bc936f8
and enable it in the workflow 2022-10-22 18:18:38 +02:00
dependabot[bot]
22f9dcf620
Bump zaproxy/action-full-scan from 0.3.0 to 0.4.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-24 05:37:35 +00:00
dependabot[bot]
8487fba4d3
Merge pull request #98 from PrivateBin/dependabot/github_actions/docker/setup-qemu-action-2 2022-05-09 17:20:13 +00:00
dependabot[bot]
dba31fd76c
Bump docker/setup-buildx-action from 1 to 2
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 05:14:21 +00:00
dependabot[bot]
b87c75fc99
Bump docker/setup-qemu-action from 1 to 2
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 05:14:18 +00:00
dependabot[bot]
56113d3577
Bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-26 05:27:08 +00:00
dependabot[bot]
8f220e1574
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-02 05:22:45 +00:00
rugk
aee7ca9368
Remove now fixed exclusions
According to the upstream issues these both should be fixed and can thus be removed.
2022-02-28 22:46:34 +01:00
El RIDO
c841e76c7e fully unwind & parallelize loop 2021-09-29 20:03:42 +02:00
El RIDO
76234b4a1e split stable & edge builds, for parallelization & avoiding failures in one to prevent the other images to build 2021-09-29 19:41:07 +02:00
dependabot[bot]
6ea584c391
Bump zaproxy/action-full-scan from 0.2.0 to 0.3.0
Bumps [zaproxy/action-full-scan](https://github.com/zaproxy/action-full-scan) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/zaproxy/action-full-scan/releases)
- [Changelog](https://github.com/zaproxy/action-full-scan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaproxy/action-full-scan/compare/v0.2.0...v0.3.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-full-scan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-15 05:15:31 +00:00
rugk
c851b02083
Enable Dependabot for Docker and GitHub Actions
AFAIK (and this was new to me) Dependabot is not active by default.

This enables it for all dependencies here (GitHub Actions and Docker), so it scans and suggests updates.
2021-09-01 01:25:09 +02:00
rugk
390d7cb50f
Let's properly name things…
Of course this is less of a build and more of a build for analysis with Trivy…
2021-08-25 23:10:39 +02:00
El RIDO
5734338459
remove section completely instead of just commenting part of it - git history will preserve it all if we want to go back #53 2021-07-07 08:24:29 +02:00
rugk
725a000629
Disable Sync for PRs 2021-07-06 22:25:25 +02:00
El RIDO
edc857a9f3
ignore false positive in ZAP report #29 2021-06-26 06:46:17 +02:00
El RIDO
b3d8f7a47d
Merge pull request #46 from PrivateBin/trivy
Add Trivy analysis
2021-06-06 17:53:33 +02:00
rugk
41f31bb6e7
Rename trivy-analysis.yml to .github/workflows/trivy-analysis.yml 2021-06-06 17:27:33 +02:00
El RIDO
9b0301e2ee
Revert "trying to workaround github action redaction mechanism"
This reverts commit 2cc183223e.
2021-06-06 11:22:44 +02:00
El RIDO
2cc183223e
trying to workaround github action redaction mechanism 2021-06-06 11:21:14 +02:00
El RIDO
a662fb5d02
Merge branch 'master' of github.com:PrivateBin/docker-nginx-fpm-alpine 2021-06-06 11:15:43 +02:00
El RIDO
63ad058a51
move github build into script for easier maintenance 2021-06-06 11:14:30 +02:00
rugk
aab06e6a36
Add snyk container scanning CI
Another GitHub action that looked useful.

I've had to login with my GitHub account at https://app.snyk.io to get a free API token (saved as a secret in this repo) though.
2021-06-04 23:36:36 +02:00
El RIDO
081580da91
build context != Dockerfile 2021-05-06 20:31:41 +02:00
El RIDO
f43c4f64a9
adding an Alpine edge build, as per discussion in #36 2021-05-06 20:26:18 +02:00
El RIDO
ada7a40cbf
disable further false positives 2021-04-22 19:14:07 +02:00