Modified GitHub workflows

[DaanSelen]

Added Docker building and analyzing.

For this to work you NEED to add Github secrets and modify the image names so it reflects is well.

Please contact for more info.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[donaldzou]

Hi Daan, sorry for the late reply as I'm traveling lately. Just wondering for this change, if I understand correctly, it will automatically build and push to Docker Hub? If that so, what would need from my side?

Thanks again on the hard work!

[DaanSelen]

Hi Donald,

This has 3 workflows:

• Docker builder and push to Docker Hub
• Docker analyzer which can detect critical vulnerabilities with Docker Scout installed locally
• CodeQL code scanning

What I need for the docker heb push are GitHub secrets. You can create these here on the website. Under Repo -> Environment secrets. These must be the docker hub name and pass.

CodeQL I updated the versions because the current ones are deprecated (v1).

[donaldzou]

Hi Daan, both secrets are set. Let me know if you think is ready to merge and we can try it out.

[DaanSelen]

Yes just let me know which account you want to push it to, like what is the name? Mine would be dselen. But your secrets belong to something like Dzou?

[donaldzou]

Yes, my account should be donaldzou

[DaanSelen]

Hi @donaldzou , then it should be done now. Please verify if you agree. And if the DOCKER_HUB_USERNAME and DOCKER_HUB_PASSWORD are inside the repo.

You can verify inside another branch if you'd like. Create like workflow test, before merging into main.

[DaanSelen]

@donaldzou merge at will, it merges into another branch

[DaanSelen]

@donaldzou please look into the branch 4.1-dev-workflows (or similar) and if you agree, you can merge it into main.

[donaldzou]

It looks good, will merge now and fingers crossed lol

[donaldzou]

Everything works! thank u!

btw, how do i set an overview on the docker hub page? is there a readme.md i can add?

[DaanSelen]

Everything works! thank u!

btw, how do i set an overview on the docker hub page? is there a readme.md i can add?

Perhaps the README.md in the docker folder? With some modifications. I'll look into that, but I still need to do the language I promised.