ci: push the database to Docker Hub

Signed-off-by: knqyf263 <knqyf263@gmail.com>

.github/workflows/cron.yml

@@ -52,42 +52,70 @@ jobs:
       - name: Move DB
         run: mv assets/db.tar.gz .
 
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USER }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
       - name: Login to GitHub Packages Container registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ env.GH_USER }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Install oras
-        run: |
-          # upgrade to ORAS 1.0.0
-          curl -LO https://github.com/oras-project/oras/releases/download/v1.0.0/oras_1.0.0_linux_amd64.tar.gz
-          tar -xvf ./oras_1.0.0_linux_amd64.tar.gz
-
-      - name: Upload assets to GHCR
-        run: |
-          ./oras version
-          tags=(latest ${{ env.VERSION }})
-          for tag in ${tags[@]}; do
-            ./oras push --artifact-type application/vnd.aquasec.trivy.config.v1+json \
-              ghcr.io/${{ github.repository }}:${tag} \
-              db.tar.gz:application/vnd.aquasec.trivy.db.layer.v1.tar+gzip
-          done
-
       - name: Login to ECR
         uses: docker/login-action@v3
         with:
           registry: public.ecr.aws
           username: ${{ secrets.ECR_ACCESS_KEY_ID }}
           password: ${{ secrets.ECR_SECRET_ACCESS_KEY }}
 
-      - name: Upload assets to ECR
+      - name: Install oras
+        run: |
+          # upgrade to ORAS 1.0.0
+          curl -LO https://github.com/oras-project/oras/releases/download/v1.0.0/oras_1.0.0_linux_amd64.tar.gz
+          tar -xvf ./oras_1.0.0_linux_amd64.tar.gz
+
+
+      - name: Upload assets to registries
         run: |
-          ./oras version
-          tags=(latest ${{ env.VERSION }})
-          for tag in ${tags[@]}; do
-            ./oras push --artifact-type application/vnd.aquasec.trivy.config.v1+json \
-              public.ecr.aws/aquasecurity/trivy-db:${tag} \
-              db.tar.gz:application/vnd.aquasec.trivy.db.layer.v1.tar+gzip
-          done
+          lowercase_repo=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')
+          echo "Starting artifact upload process..."
+          
+          # Define an array of registry base URLs and their corresponding repository names
+          declare -A registries=(
+            ["ghcr.io"]="${lowercase_repo}"
+            ["public.ecr.aws"]="${lowercase_repo}"
+            ["docker.io"]="${lowercase_repo}"
+          )
+          
+          # Special case for docker.io if the organization is 'aquasecurity'
+          if [[ "${lowercase_repo}" == "aquasecurity/"* ]]; then
+            registries["docker.io"]="aquasec/${lowercase_repo#aquasecurity/}"
+            echo "Docker Hub repository adjusted for aquasecurity: ${registries["docker.io"]}"
+          fi
+          
+          # Loop through each registry and push the artifact
+          for registry in "${!registries[@]}"; do
+            repo_name=${registries[$registry]}
+            full_registry_url="${registry}/${repo_name}"
+            echo "Processing registry: ${full_registry_url}"
+          
+            tags=(latest ${{ env.VERSION }})
+            for tag in "${tags[@]}"; do
+              echo "Pushing artifact with tag: ${tag}"
+          
+              if oras push --artifact-type application/vnd.aquasec.trivy.config.v1+json \
+                "${full_registry_url}:${tag}" \
+                db.tar.gz:application/vnd.aquasec.trivy.db.layer.v1.tar+gzip; then
+                echo "Successfully pushed to ${full_registry_url}:${tag}"
+              else
+                echo "Failed to push to ${full_registry_url}:${tag}"
+                exit 1
+              fi
+            done
+          done
+            
+          echo "Artifact upload process completed."