Merge pull request #2 from petersnick/sast-start #2

	name: Release

	on:
	push:
	branches: [ main, development ]

	jobs:
	deploy:

	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v3
	- run: docker build . -t ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app
	- run: echo "${{secrets.DOCKERHUB_PASSWORD}}" \| docker login -u ${{secrets.DOCKERHUB_USERNAME}} --password-stdin
	- run: docker push ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app


	# snyk_image_scanning:

	# runs-on: ubuntu-latest

	# steps:
	# - uses: actions/checkout@v2
	# - name: Build the Docker image
	# run: docker build -t ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app .
	# - name: Run Snyk to check Docker image for vulnerabilities
	# # Snyk can be used to break the build when it detects vulnerabilities.
	# # In this case we want to upload the issues to GitHub Code Scanning
	# continue-on-error: true
	# uses: snyk/actions/docker@master
	# env:
	# # In order to use the Snyk Action you will need to have a Snyk API token.
	# # More details in https://github.com/snyk/actions#getting-your-snyk-token
	# # or you can signup for free at https://snyk.io/login
	# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	# with:
	# image: ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app
	# args: --file=Dockerfile --exclude-base-image-vulns
	# - name: Upload Snyk report as sarif 📦
	# uses: github/codeql-action/upload-sarif@v2
	# with:
	# sarif_file: snyk.sarif

Provide feedback