Merge pull request #4929 from jaredb96/dockerhub-cve-scan #4

	name: HMDA Docker Hub Image Push

	on:
	push:
	branches:
	- master

	jobs:
	push_to_dockerhub:
	name: Push Docker image to Docker Hub
	runs-on: ubuntu-latest
	permissions: write-all
	steps:
	- name: Check out the repo
	uses: actions/checkout@v4

	- name: Log in to Docker Hub
	uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}

	- name: Build image of HMDA Platform only
	run: \|
	sbt -batch clean hmda-platform/docker:publishLocal
	continue-on-error: true

	- name: Tag Docker image
	run: docker tag $(docker images --filter=reference="hmda/hmda-platform:latest" --format "{{.ID}}") ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest

	- name: Push image to Docker Hub
	run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest

	- name: Run Docker Scout CVE scan
	if: ${{ github.event_name != 'pull_request_target' }}
	uses: docker/scout-action@v1
	with:
	command: cves
	image: ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest
	sarif-file: sarif.output.json
	summary: true

	- name: Upload CVE scan to artifact
	if: ${{ github.event_name != 'pull_request_target' }}
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: sarif.output.json

	- name: Post comment with report link
	uses: thollander/actions-comment-pull-request@v3
	with:
	message: CVE scan report generated by Docker Scout are available. Check the Actions tab to download the report.

Provide feedback