From b8f2186593efb96a0262858b0c817cf8231d2793 Mon Sep 17 00:00:00 2001
From: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
Date: Fri, 22 Apr 2022 14:15:04 +0200
Subject: [PATCH 1/2] revert: docker matrix build

Apparently matrix builds don't work with the docker action.

Only reference I found about the topic: https://github.com/docker/build-push-action/issues/130

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
---
 .github/workflows/artifacts.yaml | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml
index f9634829..9eafb324 100644
--- a/.github/workflows/artifacts.yaml
+++ b/.github/workflows/artifacts.yaml
@@ -14,10 +14,6 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        platform:
-          - linux/amd64
-          - linux/arm/v7
-          - linux/arm64
         variant:
           - alpine
           - distroless
@@ -62,7 +58,7 @@ jobs:
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
         with:
-          platforms: arm64,arm
+          platforms: all
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
@@ -86,7 +82,7 @@ jobs:
         uses: docker/build-push-action@v2
         with:
           context: .
-          platforms: ${{ matrix.platform }}
+          platforms: linux/amd64,linux/arm/v7,linux/arm64
           cache-from: type=gha
           cache-to: type=gha,mode=max
           push: ${{ github.event_name == 'push' }}

From a9fb4ae7efeeefc710766c0fda077ead65047c9b Mon Sep 17 00:00:00 2001
From: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
Date: Fri, 22 Apr 2022 14:21:28 +0200
Subject: [PATCH 2/2] revert: move container scan back to the container build
 step

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
---
 .github/workflows/artifacts.yaml | 28 ++--------------------------
 1 file changed, 2 insertions(+), 26 deletions(-)

diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml
index 9eafb324..09662c62 100644
--- a/.github/workflows/artifacts.yaml
+++ b/.github/workflows/artifacts.yaml
@@ -17,8 +17,6 @@ jobs:
         variant:
           - alpine
           - distroless
-    outputs:
-      version: ${{ steps.details.outputs.version }}
 
     steps:
       - name: Checkout
@@ -103,38 +101,16 @@ jobs:
             org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }}
             org.opencontainers.image.documentation=https://dexidp.io/docs/
 
-  container-scan:
-    name: Container scan
-    runs-on: ubuntu-latest
-    needs: container-images
-    if: github.event_name == 'push'
-    strategy:
-      matrix:
-        variant:
-          - alpine
-          - distroless
-
-    steps:
-      # Workaround for lack of matrix output support
-      - name: Calculate container image details
-        id: details
-        run: |
-          VERSION="${{ needs.container-images.outputs.version }}"
-
-          if [[ "${{ matrix.variant }}" != "alpine" ]]; then
-            VERSION="${VERSION}-${{ matrix.variant }}"
-          fi
-
-          echo ::set-output name=version::${VERSION}
-
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@0.2.5
         with:
           image-ref: "ghcr.io/dexidp/dex:${{ steps.details.outputs.version }}"
           format: "sarif"
           output: "trivy-results.sarif"
+        if: github.event_name == 'push'
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v1
         with:
           sarif_file: "trivy-results.sarif"
+        if: github.event_name == 'push'