Add image scan to build

2020-11-19 22:53:54 -08:00 · 2020-11-19 22:53:54 -08:00 · da890ed4ec
commit da890ed4ec
parent c77f06893a
2 changed files with 23 additions and 6 deletions
--- a/.github/workflows/deb.yaml
+++ b/.github/workflows/deb.yaml
@ -36,12 +36,6 @@ jobs:
          images: ${{ steps.repo.outputs.repo }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
-        if: ${{ github.event_name != 'pull_request' }}
-        with:
-          username: ${{ secrets.REGISTRY_USERNAME }}
-          password: ${{ secrets.REGISTRY_PASSWORD }}
      - name: Build image without push
        uses: docker/build-push-action@v2
        with:
@ -59,6 +53,12 @@ jobs:
        uses: github/codeql-action/upload-sarif@v1
        with:
          sarif_file: ${{ steps.scan.outputs.sarif }}
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        if: ${{ github.event_name != 'pull_request' }}
+        with:
+          username: ${{ secrets.REGISTRY_USERNAME }}
+          password: ${{ secrets.REGISTRY_PASSWORD }}
      - name: Push image
        uses: docker/build-push-action@v2
        with: