A GitHub composite action that simplifies Docker image building, pushing, and scanning. It combines Docker build, push, metadata handling, Scout scanning, and Kubescape security analysis into a single action.
- Multi-platform builds (amd64/arm64)
- GitHub Container Registry integration
- Docker Hub support
- Docker Scout vulnerability scanning
- Kubescape security analysis
- GitHub cache optimization
- SARIF report generation
- uses: meysam81/build-docker@v1
with:
image-name: ghcr.io/${{ github.repository }} # e.g. ghrc.io/octocat/hello-world
| Name |
Description |
Required |
Default |
image-name |
Image name (including registry path) |
Yes |
- |
github-token |
GitHub token for authentication |
Yes |
${{ github.token }} |
build-args |
Docker build arguments |
No |
"" |
context |
Build context path |
No |
. |
dockerhub-username |
Docker Hub username (required when scout-cves or scout-compare is enabled) |
No |
"" |
dockerhub-password |
Docker Hub password (required when scout-cves or scout-compare is enabled) |
No |
"" |
image-extra-tags |
Additional image tags |
No |
"" |
image-target |
Multi-stage build target |
No |
"" |
platforms |
Build platforms |
No |
linux/amd64,linux/arm64 |
push |
Push to registry (requires packages: write) |
No |
true |
ref |
Git ref to checkout |
No |
${{ github.ref }} |
runner |
GitHub runner to use |
No |
ubuntu-latest |
scout-compare |
Enable Docker Scout comparison |
No |
false |
scout-comment-pr |
Add Scout results as PR comment (only in pull requests) |
No |
false |
scout-cves |
Enable Docker Scout CVE scanning |
No |
false |
kubescape |
Enable Kubescape scanning |
No |
false |
kubescape-upload-sarif |
Upload Kubescape SARIF results to GitHub Security (requires security-events: write) |
No |
false |
| Name |
Description |
digest |
Image content-addressable digest |
imageid |
Built image ID |
metadata |
Build result metadata |
name: ci
on:
push:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: meysam81/build-docker@v1
with:
image-name: ghcr.io/${{ github.repository }}
image-extra-tags: |
ghcr.io/${{ github.repository }}:${{ github.run_id }}
kubescape: true
kubescape-upload-sarif: true