sqlite-web 0.7.2
gitea.db
action_run_job
Create
Query
access
access_token
action
action_artifact
action_run
action_run_index
action_run_job
action_runner
action_runner_token
action_schedule
action_schedule_spec
action_task
action_task_output
action_task_step
action_tasks_version
action_variable
app_state
attachment
auth_token
badge
branch
collaboration
comment
commit_status
commit_status_index
commit_status_summary
commit_sync_log
commit_sync_status
dbfs_data
dbfs_meta
deploy_key
email_address
email_hash
external_login_user
follow
gpg_key
gpg_key_import
hook_task
issue
issue_assignees
issue_content_history
issue_dependency
issue_index
issue_label
issue_pin
issue_user
issue_watch
label
language_stat
lfs_lock
lfs_meta_object
login_source
milestone
mirror
notice
notification
oauth2_application
oauth2_authorization_code
oauth2_grant
org_user
package
package_blob
package_blob_upload
package_cleanup_rule
package_file
package_property
package_version
project
project_board
project_issue
protected_branch
protected_tag
public_key
pull_auto_merge
pull_request
push_mirror
reaction
release
renamed_branch
repo_archiver
repo_hidden_file
repo_indexer_status
repo_license
repo_redirect
repo_topic
repo_transfer
repo_unit
repository
review
review_state
secret
session
sqlite_sequence
star
stopwatch
system_setting
task
team
team_invite
team_repo
team_unit
team_user
topic
tracked_time
two_factor
upload
user
user_badge
user_blocking
user_open_id
user_redirect
user_setting
version
watch
webauthn_credential
webhook
Toggle helper tables
Structure
Content
Query
Insert
Drop
Import
Export
Delete row 18385 from action_run_job
id
18385
run_id
13575
repo_id
6
owner_id
5
commit_sha
2e3188c85a6cfc38ac7d3643b1cbbfc2e3e850d0
is_fork_pull_request
0
name
Build Docker Images
attempt
1
workflow_payload
name: CI "on": push: branches:
name: CI "on": push: branches: [main] pull_request: branches: [main] env: NODE_VERSION: "20" PNPM_VERSION: "9" jobs: build: name: Build Docker Images runs-on: ubuntu-latest if: github.event_name == 'push' && github.ref == 'refs/heads/main' steps: - uses: actions/checkout@v4 - name: Log in to GitHub Container Registry uses: docker/login-action@v3 with: password: ${{ secrets.GITHUB_TOKEN }} registry: ghcr.io username: ${{ github.actor }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Build API image uses: docker/build-push-action@v6 with: cache-from: type=gha cache-to: type=gha,mode=max context: . file: backend/Dockerfile load: "true" push: "false" tags: | ghcr.io/${{ github.repository_owner }}/juhi-api:latest ghcr.io/${{ github.repository_owner }}/juhi-api:${{ github.sha }} - name: Build Frontend image uses: docker/build-push-action@v6 with: cache-from: type=gha cache-to: type=gha,mode=max context: . file: frontend/Dockerfile load: "true" push: "false" tags: | ghcr.io/${{ github.repository_owner }}/juhi-frontend:latest ghcr.io/${{ github.repository_owner }}/juhi-frontend:${{ github.sha }} - id: trivy-api name: Trivy 扫描 API 镜像 uses: aquasecurity/trivy-action@0.28.0 with: exit-code: "1" format: sarif image-ref: ghcr.io/${{ github.repository_owner }}/juhi-api:${{ github.sha }} output: trivy-api-results.sarif severity: MEDIUM,HIGH,CRITICAL - id: trivy-frontend if: always() name: Trivy 扫描前端镜像 uses: aquasecurity/trivy-action@0.28.0 with: exit-code: "1" format: sarif image-ref: ghcr.io/${{ github.repository_owner }}/juhi-frontend:${{ github.sha }} output: trivy-frontend-results.sarif severity: MEDIUM,HIGH,CRITICAL - if: always() name: 上传 API 镜像安全扫描报告到 GitHub Security uses: github/codeql-action/upload-sarif@v3 with: category: trivy-api-image sarif_file: trivy-api-results.sarif - if: always() name: 上传前端镜像安全扫描报告到 GitHub Security uses: github/codeql-action/upload-sarif@v3 with: category: trivy-frontend-image sarif_file: trivy-frontend-results.sarif - id: trivy-gate if: always() name: 检查 Trivy 扫描结果 run: | # 任一镜像扫描失败则阻断后续推送 if [ "${{ steps.trivy-api.outcome }}" != "success" ] || [ "${{ steps.trivy-frontend.outcome }}" != "success" ]; then echo "scan_passed=false" >> $GITHUB_OUTPUT echo "::error::Trivy 安全扫描未通过,阻断镜像推送" else echo "scan_passed=true" >> $GITHUB_OUTPUT fi - if: steps.trivy-gate.outputs.scan_passed == 'true' name: Push API image run: | docker push ghcr.io/${{ github.repository_owner }}/juhi-api:latest docker push ghcr.io/${{ github.repository_owner }}/juhi-api:${{ github.sha }} - if: steps.trivy-gate.outputs.scan_passed == 'true' name: Push Frontend image run: | docker push ghcr.io/${{ github.repository_owner }}/juhi-frontend:latest docker push ghcr.io/${{ github.repository_owner }}/juhi-frontend:${{ github.sha }} - if: steps.trivy-gate.outputs.scan_passed != 'true' name: 扫描未通过时终止流水线 run: | echo "Trivy 扫描发现安全漏洞,镜像未推送" exit 1 permissions: contents: read packages: write security-events: write # 上传 SARIF 安全报告所需权限
...
job_id
build
needs
["frontend-typecheck","lint-and-typech
["frontend-typecheck","lint-and-typecheck","test"]
...
runs_on
["ubuntu-latest"]
task_id
15686
status
4
started
1776007227
stopped
1776007227
created
1776001251
updated
1776007228
raw_concurrency
is_concurrency_evaluated
1
concurrency_group
concurrency_cancel
0
Delete
Cancel