Update GitHub action metadata to use ghcr.io image #534
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
|
The current arg changes are scanning the whole repo, but the previous are intending to only scan the differences from the default branch, which is what we desire for this action. |
|
It looks like it is working as intended if you revert the arg changes. |
The 'runs.image:' argument was using `Dockerfile`. This caused a Docker build of the trufflehog image every time someone used this action. I've changed the argument to use the already published Docker image. This will speed up the workflows considerably, since it pulls the image that is already built and available on GitHub's image storage.
channelbeta
force-pushed
the
use-docker-image-on-gh-actions
branch
from
5379801
to
14ae34c
Compare
|
@dustin-decker run 9 confirms that, since it is a branch that just changed the version of workflow to use my 9.9.9 test release. I've rebased this PR and it is ready for review. |
dustin-decker
approved these changes
May 9, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi, this PR implements what we discussed on #493. You can see my test results here.
Runs 1, 2 and 8 were done using the old mode (
Dockerfile). They took around 3 minutes of runner time just to build the images.Runs 5, 6 and 7 took around 3 seconds to pull the prebuilt image from ghcr.io 🤯
I'm using the
latesttag, as requested, and it seems to be working fine with regards to action metadata requirements. However, as you can see by the commit history on themainbranch (and also comparing results from workflow runs 7 and 8), I couldn't getthe new workflow to find any secrets on the repo.
I'm raising the PR as a draft while I investigate if this is an issue with the metadata change. If there is something I'm overlooking, please leave a comment here.