This repository was archived by the owner on Jan 5, 2025. It is now read-only.
This repository was archived by the owner on Jan 5, 2025. It is now read-only.
Use GitHub actions build steps from verified authors for improved security #36
Description
The GitHub Actions workflows we have are currently using automation steps from unknown/non-verified authors, which can potentially inject malicious code into our image, or perform malicious behavior during build.
To improve this we should use verified build steps, like this one:
https://github.com/marketplace/actions/build-and-push-docker-images