🐛 fix: update release workflow - Merge pull request #5 from wgtechlabs/dev

warengonzaga · web-flow · commit 204be69aa68e · 2025-06-22T00:53:52.000+08:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -13,24 +13,27 @@ jobs:
     name: Build Production Images
     runs-on: ubuntu-latest
     if: startsWith(github.ref, 'refs/tags/')
+    permissions:
+      contents: read
+      packages: write
     
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+          
       - name: Setup Docker Buildx
         uses: docker/setup-buildx-action@v3
         with:
           driver: cloud
           endpoint: "wgtechlabs/unthread-bot-builder"
           install: true
           
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-          
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
@@ -91,19 +94,20 @@ jobs:
             org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
             org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }}
             org.opencontainers.image.licenses=GPL-3.0
-          cache-from: type=gha
+            cache-from: type=gha
           cache-to: type=gha,mode=max
           
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@0.28.0
+        continue-on-error: true
         with:
           image-ref: ${{ env.REGISTRY_DOCKERHUB }}:${{ steps.version.outputs.version }}
           format: 'sarif'
           output: 'trivy-results.sarif'
           
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v3
-        if: always()
+        if: always() && hashFiles('trivy-results.sarif') != ''
         with:
           sarif_file: 'trivy-results.sarif'
           
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "unthread-webhook-server",
-  "version": "1.0.0-beta.2",
+  "version": "1.0.0-beta.3",
   "description": "A Node.js server application that receives webhook events from Unthread.io and queues them for processing.",
   "license": "GPL-3.0",
   "private": true,

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "unthread-webhook-server",`
`3`		`- "version": "1.0.0-beta.2",`
	`3`	`+ "version": "1.0.0-beta.3",`
`4`	`4`	`"description": "A Node.js server application that receives webhook events from Unthread.io and queues them for processing.",`
`5`	`5`	`"license": "GPL-3.0",`
`6`	`6`	`"private": true,`