Update main.yml #14

	name: Build, Push, and Deploy

	on:
	push:
	branches:
	- master

	jobs:
	build:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v2

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1

	- uses: actions/checkout@v2
	- name: Set env
	run: echo "GITHUB_BRANCH=$(echo $GITHUB_REF_NAME-$GITHUB_SHA)" >> $GITHUB_ENV

	- name: Build Docker image
	run: \|
	docker buildx create --use
	docker buildx inspect default --bootstrap
	docker buildx build --file Dockerfile -t mhaidir32/node-js-sample-akash:$GITHUB_REF_NAME-$GITHUB_SHA --load .

	container_scanning:
	runs-on: ubuntu-latest
	needs: build
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	- name: build local container
	uses: docker/build-push-action@v2
	with:
	tags: mhaidir32/node-js-sample-akash:${{ github.sha }}
	push: false
	load: true
	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: 'mhaidir32/node-js-sample-akash:${{ github.sha }}'
	format: 'sarif'
	exit-code: '1'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'CRITICAL,HIGH'
	output: 'trivy-results.sarif'
	continue-on-error: true
	- name: Display structure of downloaded files
	run: ls -lah
	- name: display path
	run: pwd
	- name: download artifact
	uses: actions/download-artifact@v4
	with:
	path: .
	name: 'trivy-results.sarif'
	- name: Upload Trivy SARIF Report
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback