[CONFIG] [Gihub Actions] splitted in two jobs.

Gonzalo Diaz · Gonzalo Diaz · commit 0ffb5ea35353 · 2024-07-09T13:59:10.000-04:00
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -20,19 +20,43 @@ jobs:
 
     steps:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
-      - name: Build the Docker image
-        run: make compose/rebuild
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          tags: |
+            ${{ env.IMAGE_NAME }}:latest
+            ${{ env.IMAGE_NAME }}:${{ github.sha }}
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: algorithm-exercises-ts:${{ github.sha }}
+          path: /tmp/algorithm-exercises-ts:${{ github.sha }}.tar
+
       - name: Lint in Docker image
         run: make compose/lint
       - name: Test in Docker image
         run: make compose/test
       - name: Run in Docker image
         run: make compose/run
-      - name: Tag Docker image
-        run: >
-          docker tag
-          ${{ env.IMAGE_NAME }}:latest
-          ${{ env.IMAGE_NAME }}:${{ github.sha }}
+
+  scan:
+    name: "Snyk Container"
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: myimage
+          path: /tmp
+
+      - name: Load image
+        run: |
+          docker load --input /tmp/myimage.tar
+          docker image ls -a
 
       - name: Run Snyk to check Docker image for vulnerabilities
         # Snyk can be used to break the build when it detects vulnerabilities.
