java

Setup multi platform build #31

	name: java

	on:
	push:
	branches:
	- main
	- develop
	- feature/**
	pull_request:
	branches:
	- main
	- develop
	- feature/**

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ vars.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}

	- name: Set up Task
	uses: arduino/setup-task@v2
	with:
	version: 3.x
	repo-token: ${{ secrets.GH_TOKEN }}

	- name: Set up Dockle
	run: \|
	VERSION=$(
	curl --silent "https://api.github.com/repos/goodwithtech/dockle/releases/latest" \| \
	grep '"tag_name":' \| \
	sed -E 's/."v([^"]+)"./\1/' \
	) && curl -L -o dockle.deb https://github.com/goodwithtech/dockle/releases/download/v${VERSION}/dockle_${VERSION}_Linux-64bit.deb
	sudo dpkg -i dockle.deb && rm dockle.deb

	- name: Set up Trivy
	run: \|
	sudo apt-get install wget apt-transport-https gnupg
	wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key \| gpg --dearmor \| sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
	echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" \| sudo tee -a /etc/apt/sources.list.d/trivy.list
	sudo apt-get update
	sudo apt-get install trivy

	- name: Build & Push Java Image
	run: task java:build -- --push

	- name: Verify the built image follows the best practises
	run: task java:verify

	- name: Scan the built image for vulnerabilities
	run: task java:scan

Provide feedback