From 1f5ca58e722d63ba30868a2faffe6942719bad62 Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Fri, 15 May 2026 14:02:39 +0530 Subject: [PATCH 01/10] Add support for NPM Azure Key in Docker build for platform-ui Signed-off-by: Vaibhav Gadre --- .github/workflows/grype.yml | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/.github/workflows/grype.yml b/.github/workflows/grype.yml index e83693b..a8715b5 100644 --- a/.github/workflows/grype.yml +++ b/.github/workflows/grype.yml @@ -97,6 +97,9 @@ jobs: if: ${{ inputs.prebuilt-image-artifact == '' }} env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + # WARNING: This workflow accesses a non-default secret. Ensure this secret is + # required and that it is stored securely in the repository or organization settings. + NPM_AZURE_KEY: ${{ secrets.NPM_AZURE_KEY }} run: | if [ ! -f "Dockerfile" ]; then echo "❌ No Dockerfile found - this workflow requires a Dockerfile to scan Docker image" @@ -106,8 +109,25 @@ jobs: echo "Building Docker image..." REPO_NAME=$(basename $(pwd)) + # Strategy 0: platform-ui - build with NPM Azure Key via buildx secret + if [ "${{ github.event.repository.name }}" = "platform-ui" ]; then + echo "Detected platform-ui - building with NPM Azure Key secret" + trap 'rm -f .npmrc.tmp' EXIT + printf '%s' "$NPM_AZURE_KEY" > .npmrc.tmp + docker buildx create --use + docker buildx build \ + --secret id=npmrc,src=.npmrc.tmp \ + --load \ + --platform linux/amd64 \ + --build-arg GITHUB_TOKEN="$GITHUB_TOKEN" \ + --build-arg GIT_SHA="${{ github.sha }}" \ + --build-arg APP_VERSION="${{ github.ref_name }}" \ + --build-arg DATE="$(date -u +%Y-%m-%dT%H:%M:%SZ)" \ + -t "${REPO_NAME}:latest" . + IMAGES="${REPO_NAME}:latest" + # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) - if [ -f "build-docker.sh" ]; then + elif [ -f "build-docker.sh" ]; then echo "Found build-docker.sh script - using it to build images" chmod +x build-docker.sh GITHUB_TOKEN="${{ secrets.GH_TOKEN }}" ./build-docker.sh From df77bd9850cdfc248073fa1bb4a90f14ca065c75 Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Fri, 15 May 2026 14:14:28 +0530 Subject: [PATCH 02/10] update common workflow for testing Signed-off-by: Vaibhav Gadre --- .github/workflows/ci-main-pull-request.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-main-pull-request.yml b/.github/workflows/ci-main-pull-request.yml index 73ea595..6c7a30b 100644 --- a/.github/workflows/ci-main-pull-request.yml +++ b/.github/workflows/ci-main-pull-request.yml @@ -1016,7 +1016,7 @@ jobs: run-grype-image: name: 'Grype Docker image scan' if: ${{ inputs.perform-grype-image-scan }} - uses: chef/common-github-actions/.github/workflows/grype.yml@main + uses: chef/common-github-actions/.github/workflows/grype.yml@vaibhav/CHEF-33431-platform-ui-docker-build-fix needs: [checkout, build-docker-image] secrets: inherit with: From 0748f20b97364de55394c7529ac1d4e44998093a Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Fri, 15 May 2026 14:23:29 +0530 Subject: [PATCH 03/10] Add NPM Azure Key support for platform-ui Docker build and update workflow reference Signed-off-by: Vaibhav Gadre --- .github/workflows/build-docker-image.yml | 22 +++++++++++++++++++++- .github/workflows/ci-main-pull-request.yml | 2 +- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index bdc4ae9..1d9a12d 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -59,6 +59,9 @@ jobs: id: build-image env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + # WARNING: This workflow accesses a non-default secret. Ensure this secret is + # required and that it is stored securely in the repository or organization settings. + NPM_AZURE_KEY: ${{ secrets.NPM_AZURE_KEY }} run: | if [ ! -f "Dockerfile" ]; then echo "❌ No Dockerfile found - cannot build" @@ -68,8 +71,25 @@ jobs: echo "Building Docker image..." REPO_NAME=$(basename $(pwd)) + # Strategy 0: platform-ui - build with NPM Azure Key via buildx secret + if [ "${{ github.event.repository.name }}" = "platform-ui" ]; then + echo "Detected platform-ui - building with NPM Azure Key secret" + trap 'rm -f .npmrc.tmp' EXIT + printf '%s' "$NPM_AZURE_KEY" > .npmrc.tmp + docker buildx create --use + docker buildx build \ + --secret id=npmrc,src=.npmrc.tmp \ + --load \ + --platform linux/amd64 \ + --build-arg GITHUB_TOKEN="$GITHUB_TOKEN" \ + --build-arg GIT_SHA="${{ github.sha }}" \ + --build-arg APP_VERSION="${{ github.ref_name }}" \ + --build-arg DATE="$(date -u +%Y-%m-%dT%H:%M:%SZ)" \ + -t "${REPO_NAME}:latest" . + IMAGES="${REPO_NAME}:latest" + # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) - if [ -f "build-docker.sh" ]; then + elif [ -f "build-docker.sh" ]; then echo "Found build-docker.sh script - using it to build images" chmod +x build-docker.sh GITHUB_TOKEN="${{ secrets.GH_TOKEN }}" ./build-docker.sh diff --git a/.github/workflows/ci-main-pull-request.yml b/.github/workflows/ci-main-pull-request.yml index 6c7a30b..6c1525e 100644 --- a/.github/workflows/ci-main-pull-request.yml +++ b/.github/workflows/ci-main-pull-request.yml @@ -1029,7 +1029,7 @@ jobs: build-docker-image: name: 'Build Docker image for security scans' if: ${{ inputs.perform-grype-image-scan == true || inputs.perform-wiz-scan == true }} - uses: chef/common-github-actions/.github/workflows/build-docker-image.yml@main + uses: chef/common-github-actions/.github/workflows/build-docker-image.yml@vaibhav/CHEF-33431-platform-ui-docker-build-fix needs: checkout secrets: inherit with: From 5589931585d1b76c6debe22f01954fb4d71e31f5 Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Mon, 25 May 2026 15:08:58 +0530 Subject: [PATCH 04/10] CHEF-33431: delegate platform-ui docker build to build-docker.sh Replace inline Strategy 0 docker build block with a call to the repo's own build-docker.sh script. The script is now fully self-contained: - Submodule checkout using GITHUB_TOKEN - NPM_AZURE_KEY written to .npmrc.tmp as a BuildKit secret - docker buildx build --load, tagged platform-ui:local Removes the need to duplicate npm secret / submodule logic in the common workflow. Only GITHUB_TOKEN, NPM_AZURE_KEY, BRANCH_NAME, GIT_SHA, APP_VERSION and LOCALES are passed as env vars to the script. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/workflows/build-docker-image.yml | 30 ++++++++++-------------- .github/workflows/grype.yml | 30 ++++++++++-------------- 2 files changed, 24 insertions(+), 36 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 1d9a12d..0dcfa14 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -59,9 +59,6 @@ jobs: id: build-image env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - # WARNING: This workflow accesses a non-default secret. Ensure this secret is - # required and that it is stored securely in the repository or organization settings. - NPM_AZURE_KEY: ${{ secrets.NPM_AZURE_KEY }} run: | if [ ! -f "Dockerfile" ]; then echo "❌ No Dockerfile found - cannot build" @@ -71,22 +68,19 @@ jobs: echo "Building Docker image..." REPO_NAME=$(basename $(pwd)) - # Strategy 0: platform-ui - build with NPM Azure Key via buildx secret + # Strategy 0: platform-ui — delegate entirely to build-docker.sh which handles + # submodule checkout (PAT), NPM Azure Key secret, and docker buildx build. if [ "${{ github.event.repository.name }}" = "platform-ui" ]; then - echo "Detected platform-ui - building with NPM Azure Key secret" - trap 'rm -f .npmrc.tmp' EXIT - printf '%s' "$NPM_AZURE_KEY" > .npmrc.tmp - docker buildx create --use - docker buildx build \ - --secret id=npmrc,src=.npmrc.tmp \ - --load \ - --platform linux/amd64 \ - --build-arg GITHUB_TOKEN="$GITHUB_TOKEN" \ - --build-arg GIT_SHA="${{ github.sha }}" \ - --build-arg APP_VERSION="${{ github.ref_name }}" \ - --build-arg DATE="$(date -u +%Y-%m-%dT%H:%M:%SZ)" \ - -t "${REPO_NAME}:latest" . - IMAGES="${REPO_NAME}:latest" + echo "Detected platform-ui - delegating to build-docker.sh" + chmod +x build-docker.sh + GITHUB_TOKEN="${{ secrets.GH_TOKEN }}" \ + NPM_AZURE_KEY="${{ secrets.NPM_AZURE_KEY }}" \ + BRANCH_NAME="${{ github.head_ref || github.ref_name }}" \ + GIT_SHA="${{ github.sha }}" \ + APP_VERSION="${{ github.ref_name }}" \ + LOCALES="en" \ + ./build-docker.sh + IMAGES="platform-ui:local" # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) elif [ -f "build-docker.sh" ]; then diff --git a/.github/workflows/grype.yml b/.github/workflows/grype.yml index a8715b5..c784cd6 100644 --- a/.github/workflows/grype.yml +++ b/.github/workflows/grype.yml @@ -97,9 +97,6 @@ jobs: if: ${{ inputs.prebuilt-image-artifact == '' }} env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - # WARNING: This workflow accesses a non-default secret. Ensure this secret is - # required and that it is stored securely in the repository or organization settings. - NPM_AZURE_KEY: ${{ secrets.NPM_AZURE_KEY }} run: | if [ ! -f "Dockerfile" ]; then echo "❌ No Dockerfile found - this workflow requires a Dockerfile to scan Docker image" @@ -109,22 +106,19 @@ jobs: echo "Building Docker image..." REPO_NAME=$(basename $(pwd)) - # Strategy 0: platform-ui - build with NPM Azure Key via buildx secret + # Strategy 0: platform-ui — delegate entirely to build-docker.sh which handles + # submodule checkout (PAT), NPM Azure Key secret, and docker buildx build. if [ "${{ github.event.repository.name }}" = "platform-ui" ]; then - echo "Detected platform-ui - building with NPM Azure Key secret" - trap 'rm -f .npmrc.tmp' EXIT - printf '%s' "$NPM_AZURE_KEY" > .npmrc.tmp - docker buildx create --use - docker buildx build \ - --secret id=npmrc,src=.npmrc.tmp \ - --load \ - --platform linux/amd64 \ - --build-arg GITHUB_TOKEN="$GITHUB_TOKEN" \ - --build-arg GIT_SHA="${{ github.sha }}" \ - --build-arg APP_VERSION="${{ github.ref_name }}" \ - --build-arg DATE="$(date -u +%Y-%m-%dT%H:%M:%SZ)" \ - -t "${REPO_NAME}:latest" . - IMAGES="${REPO_NAME}:latest" + echo "Detected platform-ui - delegating to build-docker.sh" + chmod +x build-docker.sh + GITHUB_TOKEN="${{ secrets.GH_TOKEN }}" \ + NPM_AZURE_KEY="${{ secrets.NPM_AZURE_KEY }}" \ + BRANCH_NAME="${{ github.head_ref || github.ref_name }}" \ + GIT_SHA="${{ github.sha }}" \ + APP_VERSION="${{ github.ref_name }}" \ + LOCALES="en" \ + ./build-docker.sh + IMAGES="platform-ui:local" # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) elif [ -f "build-docker.sh" ]; then From 126bd087ae05a713ab7f9204c58291b7e0411791 Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Tue, 26 May 2026 10:56:07 +0530 Subject: [PATCH 05/10] CHEF-33431: add platform-ui Strategy 0 to wiz.yml Add Strategy 0 identical to grype.yml and build-docker-image.yml so platform-ui docker build delegates to build-docker.sh for Wiz scans. Handles submodule checkout, NPM_AZURE_KEY secret, and docker buildx build. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/workflows/build-docker-image.yml | 3 ++- .github/workflows/wiz.yml | 16 +++++++++++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 0dcfa14..8463854 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -78,9 +78,10 @@ jobs: BRANCH_NAME="${{ github.head_ref || github.ref_name }}" \ GIT_SHA="${{ github.sha }}" \ APP_VERSION="${{ github.ref_name }}" \ + RUN_ID="${{ github.run_id }}" \ LOCALES="en" \ ./build-docker.sh - IMAGES="platform-ui:local" + IMAGES="platform-ui:${{ github.run_id }}" # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) elif [ -f "build-docker.sh" ]; then diff --git a/.github/workflows/wiz.yml b/.github/workflows/wiz.yml index bc97cdc..6d002c8 100644 --- a/.github/workflows/wiz.yml +++ b/.github/workflows/wiz.yml @@ -107,8 +107,22 @@ jobs: echo "Building Docker image..." REPO_NAME=$(basename $(pwd)) + # Strategy 0: platform-ui — delegate entirely to build-docker.sh which handles + # submodule checkout (GITHUB_TOKEN), NPM Azure Key secret, and docker buildx build. + if [ "${{ github.event.repository.name }}" = "platform-ui" ]; then + echo "Detected platform-ui - delegating to build-docker.sh" + chmod +x build-docker.sh + GITHUB_TOKEN="${{ secrets.GH_TOKEN }}" \ + NPM_AZURE_KEY="${{ secrets.NPM_AZURE_KEY }}" \ + BRANCH_NAME="${{ github.head_ref || github.ref_name }}" \ + GIT_SHA="${{ github.sha }}" \ + APP_VERSION="${{ github.ref_name }}" \ + LOCALES="en" \ + ./build-docker.sh + IMAGES="platform-ui:local" + # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) - if [ -f "build-docker.sh" ]; then + elif [ -f "build-docker.sh" ]; then echo "Found build-docker.sh script - using it to build images" chmod +x build-docker.sh GITHUB_TOKEN="${{ secrets.GH_TOKEN }}" ./build-docker.sh From f90199af28d74518cbf1ebfed0f3662db3862f79 Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Tue, 26 May 2026 15:21:32 +0530 Subject: [PATCH 06/10] CHEF-33431: remove RUN_ID from build-docker-image.yml Strategy 0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit GitHub-hosted runners are ephemeral — no shared Docker daemon between jobs, so platform-ui:local tag is sufficient and unique per run. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/workflows/build-docker-image.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 8463854..0dcfa14 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -78,10 +78,9 @@ jobs: BRANCH_NAME="${{ github.head_ref || github.ref_name }}" \ GIT_SHA="${{ github.sha }}" \ APP_VERSION="${{ github.ref_name }}" \ - RUN_ID="${{ github.run_id }}" \ LOCALES="en" \ ./build-docker.sh - IMAGES="platform-ui:${{ github.run_id }}" + IMAGES="platform-ui:local" # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) elif [ -f "build-docker.sh" ]; then From 76c450602b6b757556e1f349216e656ebc2b64ff Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Thu, 28 May 2026 11:05:19 +0530 Subject: [PATCH 07/10] reverting testing changes Signed-off-by: Vaibhav Gadre --- .github/workflows/ci-main-pull-request.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-main-pull-request.yml b/.github/workflows/ci-main-pull-request.yml index 6c1525e..73ea595 100644 --- a/.github/workflows/ci-main-pull-request.yml +++ b/.github/workflows/ci-main-pull-request.yml @@ -1016,7 +1016,7 @@ jobs: run-grype-image: name: 'Grype Docker image scan' if: ${{ inputs.perform-grype-image-scan }} - uses: chef/common-github-actions/.github/workflows/grype.yml@vaibhav/CHEF-33431-platform-ui-docker-build-fix + uses: chef/common-github-actions/.github/workflows/grype.yml@main needs: [checkout, build-docker-image] secrets: inherit with: @@ -1029,7 +1029,7 @@ jobs: build-docker-image: name: 'Build Docker image for security scans' if: ${{ inputs.perform-grype-image-scan == true || inputs.perform-wiz-scan == true }} - uses: chef/common-github-actions/.github/workflows/build-docker-image.yml@vaibhav/CHEF-33431-platform-ui-docker-build-fix + uses: chef/common-github-actions/.github/workflows/build-docker-image.yml@main needs: checkout secrets: inherit with: From 13a714b11b69af7abd23315531ecff9c7fa48593 Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Thu, 28 May 2026 11:36:01 +0530 Subject: [PATCH 08/10] CHEF-33431: detect platform-ui image dynamically after build-docker.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Replace hardcoded IMAGES="platform-ui:local" with the same dynamic grep used by Strategy 1 — detects whatever tag build-docker.sh actually produced. This decouples the workflow from the script's tag name and works correctly regardless of branch, PR, push to main, or release. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/workflows/build-docker-image.yml | 2 +- .github/workflows/grype.yml | 2 +- .github/workflows/wiz.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 0dcfa14..2ea1887 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -80,7 +80,7 @@ jobs: APP_VERSION="${{ github.ref_name }}" \ LOCALES="en" \ ./build-docker.sh - IMAGES="platform-ui:local" + IMAGES=$(docker images --format "{{.Repository}}:{{.Tag}}" | grep -E "^${REPO_NAME}" | grep -v "^") # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) elif [ -f "build-docker.sh" ]; then diff --git a/.github/workflows/grype.yml b/.github/workflows/grype.yml index c784cd6..4107a0f 100644 --- a/.github/workflows/grype.yml +++ b/.github/workflows/grype.yml @@ -118,7 +118,7 @@ jobs: APP_VERSION="${{ github.ref_name }}" \ LOCALES="en" \ ./build-docker.sh - IMAGES="platform-ui:local" + IMAGES=$(docker images --format "{{.Repository}}:{{.Tag}}" | grep -E "^${REPO_NAME}" | grep -v "^") # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) elif [ -f "build-docker.sh" ]; then diff --git a/.github/workflows/wiz.yml b/.github/workflows/wiz.yml index 6d002c8..188a66d 100644 --- a/.github/workflows/wiz.yml +++ b/.github/workflows/wiz.yml @@ -119,7 +119,7 @@ jobs: APP_VERSION="${{ github.ref_name }}" \ LOCALES="en" \ ./build-docker.sh - IMAGES="platform-ui:local" + IMAGES=$(docker images --format "{{.Repository}}:{{.Tag}}" | grep -E "^${REPO_NAME}" | grep -v "^") # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) elif [ -f "build-docker.sh" ]; then From a06d1e1472beae29b95ce0cc88d2ccf579c17706 Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Thu, 28 May 2026 11:42:37 +0530 Subject: [PATCH 09/10] testing changes Signed-off-by: Vaibhav Gadre --- .github/workflows/ci-main-pull-request.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-main-pull-request.yml b/.github/workflows/ci-main-pull-request.yml index 73ea595..6c1525e 100644 --- a/.github/workflows/ci-main-pull-request.yml +++ b/.github/workflows/ci-main-pull-request.yml @@ -1016,7 +1016,7 @@ jobs: run-grype-image: name: 'Grype Docker image scan' if: ${{ inputs.perform-grype-image-scan }} - uses: chef/common-github-actions/.github/workflows/grype.yml@main + uses: chef/common-github-actions/.github/workflows/grype.yml@vaibhav/CHEF-33431-platform-ui-docker-build-fix needs: [checkout, build-docker-image] secrets: inherit with: @@ -1029,7 +1029,7 @@ jobs: build-docker-image: name: 'Build Docker image for security scans' if: ${{ inputs.perform-grype-image-scan == true || inputs.perform-wiz-scan == true }} - uses: chef/common-github-actions/.github/workflows/build-docker-image.yml@main + uses: chef/common-github-actions/.github/workflows/build-docker-image.yml@vaibhav/CHEF-33431-platform-ui-docker-build-fix needs: checkout secrets: inherit with: From 66d31fc9b148c207c2d87ed812c9bdd4f0b01225 Mon Sep 17 00:00:00 2001 From: Vaibhav Gadre Date: Thu, 28 May 2026 13:06:31 +0530 Subject: [PATCH 10/10] reverting testing changes Signed-off-by: Vaibhav Gadre --- .github/workflows/ci-main-pull-request.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-main-pull-request.yml b/.github/workflows/ci-main-pull-request.yml index 6c1525e..73ea595 100644 --- a/.github/workflows/ci-main-pull-request.yml +++ b/.github/workflows/ci-main-pull-request.yml @@ -1016,7 +1016,7 @@ jobs: run-grype-image: name: 'Grype Docker image scan' if: ${{ inputs.perform-grype-image-scan }} - uses: chef/common-github-actions/.github/workflows/grype.yml@vaibhav/CHEF-33431-platform-ui-docker-build-fix + uses: chef/common-github-actions/.github/workflows/grype.yml@main needs: [checkout, build-docker-image] secrets: inherit with: @@ -1029,7 +1029,7 @@ jobs: build-docker-image: name: 'Build Docker image for security scans' if: ${{ inputs.perform-grype-image-scan == true || inputs.perform-wiz-scan == true }} - uses: chef/common-github-actions/.github/workflows/build-docker-image.yml@vaibhav/CHEF-33431-platform-ui-docker-build-fix + uses: chef/common-github-actions/.github/workflows/build-docker-image.yml@main needs: checkout secrets: inherit with: