Update ci.yml

Kettailor · web-flow · commit 10b895d72790 · 2025-10-23T16:21:21.000+07:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -42,10 +42,8 @@ jobs:
       - name: Build API Gateway image
         run: docker build -t api-gateway ./api-gateway
 
-
   docker-scout:
     needs: build-and-test
-    if: ${{ secrets.DOCKER_NAME != '' && secrets.DOCKER_TOKEN != '' }}
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -73,34 +71,28 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      # 🔐 Đăng nhập Docker Hub (rất quan trọng để tránh lỗi "user githubactions not entitled")
       - name: Log in to Docker Hub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_NAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
 
-      - name: Build ${{ matrix.service }} service image
-        run: |
-          docker build -t docker.io/${{ secrets.DOCKER_NAME }}/${{ matrix.image }}:scout ${{ matrix.context }}
+      - name: Build ${{ matrix.service }} image
+        run: docker build -t ${{ matrix.image }}:scout ${{ matrix.context }}
 
-      # 🧪 Phân tích bằng Docker Scout
       - name: Analyze ${{ matrix.service }} image with Docker Scout
         uses: docker/scout-action@v1
         with:
           command: cves
-          image: docker.io/${{ secrets.DOCKER_NAME }}/${{ matrix.image }}:scout
-          accept-license: true
-          exit-code: false
+          image: ${{ matrix.image }}:scout
           sarif-file: ${{ matrix.image }}-docker-scout.sarif
-          write-comment: false
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+          exit-code: false
+          accept-license: true
 
-      # 📤 Upload kết quả dạng SARIF để GitHub hiển thị trong Security tab
       - name: Upload Docker Scout results
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: ${{ matrix.image }}-docker-scout.sarif }
+          sarif_file: ${{ matrix.image }}-docker-scout.sarif
 
 
   push-docker-images:
@@ -123,7 +115,7 @@ jobs:
 
       - name: Build and push service images
         env:
-          REGISTRY: docker.io/${{ secrets.DOCKER_NAME }}
+          REGISTRY: ${{ secrets.DOCKER_NAME }}
           GIT_SHA: ${{ github.sha }}
         run: |
           if [ -z "$REGISTRY" ]; then
@@ -136,17 +128,17 @@ jobs:
             IMAGE_SHA="$REGISTRY/$service:${GIT_SHA::7}"
             IMAGE_LATEST="$REGISTRY/$service:latest"
 
-            echo "🔧 Building and pushing $service..."
+            echo "Building and pushing $service..."
             docker build -t "$IMAGE_SHA" -t "$IMAGE_LATEST" "./$service"
             docker push "$IMAGE_SHA"
             docker push "$IMAGE_LATEST"
           done
 
-      - name: Debug secrets
+      - name: Confirm secrets status
         run: |
           if [ -z "${{ secrets.DOCKER_NAME }}" ] || [ -z "${{ secrets.DOCKER_TOKEN }}" ]; then
             echo "Missing Docker secrets"
             exit 1
           else
-            echo "Docker secrets found"
+            echo "Docker secrets found and used successfully"
           fi
