added publish-container workflow
All checks were successful
Build, Secure, and Push Docker Image on Release / build-and-push (release) Successful in 33s
All checks were successful
Build, Secure, and Push Docker Image on Release / build-and-push (release) Successful in 33s
This commit is contained in:
parent
3163cb1b96
commit
2e8a6465dc
GPG Key ID:
8C3667DADE3B6303
46
.gitea/workflows/publish-container.yaml
Normal file
46
.gitea/workflows/publish-container.yaml
Normal file
@ -0,0 +1,46 @@
|
||||
name: Build, Secure, and Push Docker Image on Release
|
||||
|
||||
on:
|
||||
release:
|
||||
types: [published, prereleased]
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: read
|
||||
packages: write
|
||||
|
||||
jobs:
|
||||
build-and-push:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: Log in to DockerHub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
|
||||
|
||||
- name: Determine Tag Type
|
||||
id: tag_type
|
||||
run: |
|
||||
if [[ "${{ github.event.release.prerelease }}" == "true" ]]; then
|
||||
echo "tag=dev" >> $GITHUB_ENV
|
||||
else
|
||||
echo "tag=latest" >> $GITHUB_ENV
|
||||
fi
|
||||
|
||||
- name: Build, push, and generate SBOM and provenance
|
||||
run: |
|
||||
docker buildx build \
|
||||
--provenance=true \
|
||||
--sbom=true \
|
||||
--push \
|
||||
-t docker.io/singatias/osq-website:${{ github.event.release.tag_name }} \
|
||||
-t docker.io/singatias/osq-website:${{ env.tag }} \
|
||||
.
|
||||
Loading…
Reference in New Issue
Block a user