
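---
# Build the image once, hand it to the scan job as an artifact, and gate the
# run on the Trivy result.
#
# The tag is derived from the commit SHA so that both jobs refer to the same
# image: a `$(date +%s)` tag evaluated separately in each job never matches,
# and an image built on one runner is not visible on another runner anyway,
# so the original scan step could only ever try to pull a non-existent image.
name: Docker CI

on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["main"]

# Least privilege: neither job writes to the repository.
permissions:
  contents: read

env:
  # Immutable, reproducible tag shared by the build and scan jobs.
  IMAGE_TAG: my-image-name:${{ github.sha }}

jobs:
  docker_build:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Cache Docker layers
        uses: actions/cache@v3
        with:
          path: ~/.cache/docker
          key: ${{ runner.os }}-docker-${{ hashFiles('**/Dockerfile') }}
          restore-keys: |
            ${{ runner.os }}-docker-

      - name: Build the Docker image
        # --load puts the image into the local daemon so it can be saved
        # below; the local cache exporter is what makes the cache step above
        # actually affect the build (plain `docker build` never read it).
        run: |
          mkdir -p "$HOME/.cache/docker"
          docker buildx build . \
            --file Dockerfile \
            --tag "$IMAGE_TAG" \
            --load \
            --cache-from "type=local,src=$HOME/.cache/docker" \
            --cache-to "type=local,dest=$HOME/.cache/docker-new,mode=max"
          # Replace the old cache wholesale so it does not grow on every run.
          rm -rf "$HOME/.cache/docker"
          mv "$HOME/.cache/docker-new" "$HOME/.cache/docker"

      - name: Save image for the scan job
        run: docker save "$IMAGE_TAG" --output image.tar

      - name: Upload image artifact
        uses: actions/upload-artifact@v4
        with:
          name: docker-image
          path: image.tar
          retention-days: 1

  security_test:
    runs-on: ubuntu-latest
    needs: docker_build
    steps:
      - name: Download image artifact
        uses: actions/download-artifact@v4
        with:
          name: docker-image

      - name: Load image
        run: docker load --input image.tar

      # The pinned action replaces the unverified `curl … | dpkg -i` install of
      # a .deb, which had no checksum or signature check.
      - name: Scan Docker image for vulnerabilities using Trivy
        uses: aquasecurity/trivy-action@0.28.0
        with:
          image-ref: ${{ env.IMAGE_TAG }}
          format: table

      # The original gate used `--exit-code 1` with no severity filter, so it
      # failed on any finding despite its name; restrict it to CRITICAL and
      # skip findings with no available fix so the gate is actionable.
      - name: Fail the build on critical vulnerabilities
        uses: aquasecurity/trivy-action@0.28.0
        with:
          image-ref: ${{ env.IMAGE_TAG }}
          severity: CRITICAL
          ignore-unfixed: true
          exit-code: "1"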