Refactor build of boreas-build/build.Dockerfile in boreas

.docker/prod.Dockerfile → .docker/Dockerfile

@@ -15,4 +15,4 @@ FROM registry.community.greenbone.net/community/gvm-libs:${VERSION}
 
 COPY --from=build /install/ /
 
-RUN ldconfig
+RUN ldconfig

.github/actions/install-dependencies-action/action.yml

@@ -0,0 +1,17 @@
+name: 'Install dependencies'
+description: 'Install dependencies for Boreas'
+runs:
+  using: "composite"
+  steps:
+    - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+    - name: Build Boreas
+      run: |
+        apt-get update && apt-get install --no-install-recommends --no-install-suggests -y \
+        build-essential \
+        curl \
+        cmake \
+        pkg-config \
+        libglib2.0-dev \
+        libgnutls28-dev \
+        libpcap-dev \
+        && rm -rf /var/lib/apt/lists/*

.github/workflows/ci-c.yml

@@ -11,8 +11,9 @@ jobs:
   c-format-check:
     name: Check C Source Code Formatting
     runs-on: 'ubuntu-latest'
+    container: registry.community.greenbone.net/community/gvm-libs:edge
     steps:
-      - uses: actions/checkout@v4
+      - uses: .github/actions/install-dependencies-action
       - name: Check Source Format
         run: |
           clang-format -i -style=file src/*.c
@@ -21,22 +22,23 @@ jobs:
   tests:
     name: Unit Tests
     runs-on: 'ubuntu-latest'
-    container: greenbone/boreas-build:unstable
+    container: registry.community.greenbone.net/community/gvm-libs:edge
     steps:
-      - uses: actions/checkout@v4
+      - uses: .github/actions/install-dependencies-action
       - name: Configure and Compile boreas
         run: |
           mkdir build
           cd build
           cmake -DCMAKE_BUILD_TYPE=Debug ..
           make install
 
+
   scan-build:
     name: Scan-build with clang
     runs-on: 'ubuntu-latest'
-    container: greenbone/boreas-build:unstable
+    container: registry.community.greenbone.net/community/gvm-libs:edge
     steps:
-      - uses: actions/checkout@v4
+      - uses: .github/actions/install-dependencies-action
       - name: Install clang tools
         run: |
           apt update

.github/workflows/codeql.yml

@@ -17,20 +17,19 @@ jobs:
       actions: read
       contents: read
       security-events: write
-    container: ${{ github.repository }}-build:unstable
+    container: registry.community.greenbone.net/community/gvm-libs:edge
 
     strategy:
       fail-fast: false
       matrix:
         language: [ 'c' ]
-        
+
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
+    - uses: .github/actions/install-dependencies-action
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628
       with:
         languages: ${{ matrix.language }}
         queries: security-and-quality
@@ -42,6 +41,6 @@ jobs:
         -DCMAKE_BUILD_TYPE=Release .. && make install
       working-directory: ${{ github.WORKSPACE }}
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628
       with:
         category: "/language:${{matrix.language}}"

.github/workflows/push.yml

@@ -0,0 +1,27 @@
+name: Build & Push to Greenbone Registry
+
+on:
+  push:
+    branches: [ main ]
+    tags: ["v*"]
+  pull_request:
+    branches: [ main ]
+  workflow_dispatch:
+    inputs:
+      ref-name:
+        type: string
+        description: "The ref to build a container image from. For example a tag v23.0.0."
+        required: true
+
+jobs:
+  build-push-debian-stable-container:
+    name: Build and Push debian:stable to Greenbone Registry
+    uses: greenbone/workflows/.github/workflows/container-build-push-2nd-gen.yml@main
+    with:
+      build-docker-file: .docker/Dockerfile
+      image-url: community/boreas
+      image-labels: |
+        org.opencontainers.image.vendor=Greenbone
+        org.opencontainers.image.base.name=debian:stable-slim
+      ref-name: ${{ inputs.ref-name }}
+    secrets: inherit

.github/workflows/release.yml

@@ -23,14 +23,14 @@ on:
 # For a patch release, the latest tag is enhanced with 0.0.1, leaving the major and minor versions as
 # they are.
 #
-# For a minor release, the latest tag is enhanced with 0.1.0, and the patch version is set to 0. 
+# For a minor release, the latest tag is enhanced with 0.1.0, and the patch version is set to 0.
 #
 # For a major release, a branch is created for the latest major release found by tag, and the version
 # is enhanced with $latest_tag + 1.0.0, increasing the major version by 1 and setting the minor and
 # patch versions to 0.
 #
 # Major version releases are only valid on the "main" branch.
-# 
+#
 # Once the version is found and enhanced, each project file is updated to the new
 # version, and a commit is created in the found branch.
 jobs:
@@ -40,7 +40,7 @@ jobs:
         (github.event_name == 'workflow_dispatch') ||
         (
           github.event.pull_request.merged == true &&
-          ( 
+          (
             contains(github.event.pull_request.labels.*.name, 'major_release') ||
             contains(github.event.pull_request.labels.*.name, 'minor_release') ||
             contains(github.event.pull_request.labels.*.name, 'patch_release')
@@ -112,7 +112,7 @@ jobs:
           export BRANCH_NAME=$(echo "${{ env.LATEST_VERSION }}" | sed 's/^\([0-9]*\).*/v\1/')
           git checkout -b "$BRANCH_NAME"
           git push origin "$BRANCH_NAME"
-      # create branch of version 
+      # create branch of version
       - name: prepare project version ${{ env.RELEASE_REF }} ${{ env.LATEST_VERSION }} -> ${{ env.NEW_VERSION }}
         run: |
           # jump back for the case that we switched to a tag