Skip to content

Fix security issue in minizip (CSP-2769) #177

Fix security issue in minizip (CSP-2769)

Fix security issue in minizip (CSP-2769) #177

name: Docker Image CI
on:
push:
branches:
- master
tags:
- 'v*'
schedule:
- cron: "05 04 * * 1"
jobs:
build:
runs-on: ubuntu-latest
env:
REPO: jgraph/drawio
HTTP_PORT: 32733
HTTPS_PORT: 32734
DOCKER_USER: ${{ secrets.DOCKER_USER }}
DOCKER_PASS: ${{ secrets.DOCKER_PASS }}
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- uses: actions/checkout@v3
- name: Build Docker image
run: |
# Get draw.io current latest version
wget https://raw.githubusercontent.com/jgraph/drawio/master/VERSION
export VERSION=`cat VERSION`
echo "${DOCKER_PASS}" | docker login -u "${DOCKER_USER}" --password-stdin;
export GIT_BRANCH=`echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }'`
export TAG=`if [ "$GIT_BRANCH" == "v${VERSION}" ] || [ "$GIT_BRANCH" == "master" ]; then echo "latest"; else echo $GIT_BRANCH ; fi`
docker buildx build --platform linux/amd64,linux/arm64 -f main/Dockerfile -t ${REPO}:${VERSION} -t ${REPO}:$TAG --push main/
#With platform build, the images are not stored locally, so we test the image after pushing it
docker run --name "drawio" -d -p ${HTTP_PORT}:8080 -p ${HTTPS_PORT}:8443 ${REPO}:${VERSION}
sleep 10
docker logs drawio
docker exec drawio /bin/bash -c "curl -i http://localhost:8080"