- name: Build image
run: docker build -t app:${{ github.sha }} .
- name: Scan image
uses: aquasecurity/trivy-action@0.24.0
with:
#!/usr/bin/env bash
# Docker Networking Modes & Configuration
# === List networks ===
docker network ls
docker network inspect bridge
#!/usr/bin/env bash
set -euo pipefail
# Container Registry Management & Image Lifecycle
# ============================================
#!/bin/bash
# Docker Compose commands
# Start all services
docker compose up -d
# Optimized production Dockerfile
# Stage 1: Dependencies
FROM node:20-alpine AS deps
WORKDIR /app
#!/usr/bin/env bash
set -euo pipefail
cosign sign --key env://COSIGN_PRIVATE_KEY ghcr.io/example/codesnips:${GITHUB_SHA}
cosign verify --key env://COSIGN_PUBLIC_KEY ghcr.io/example/codesnips:${GITHUB_SHA}
apiVersion: apps/v1
kind: Deployment
metadata:
name: web-app
namespace: production
labels:
FROM ruby:3.3.1-slim AS base
RUN apt-get update \
&& apt-get install -y --no-install-recommends build-essential libpq-dev \
&& rm -rf /var/lib/apt/lists/*
# Multi-stage build for a Node.js application
# Stage 1: Build
FROM node:20-alpine AS builder
WORKDIR /app