2024-12-30 14:16:51 -05:00
|
|
|
name: Build, Secure, and Push Docker Image on Release
|
|
|
|
|
|
|
|
|
|
on:
|
|
|
|
|
release:
|
|
|
|
|
types: [published, prereleased]
|
|
|
|
|
|
|
|
|
|
permissions:
|
|
|
|
|
id-token: write
|
|
|
|
|
contents: read
|
|
|
|
|
packages: write
|
|
|
|
|
|
|
|
|
|
env:
|
|
|
|
|
DOCKER_IMAGE_NAME: docker.io/openharbor/odoo
|
|
|
|
|
|
|
|
|
|
jobs:
|
|
|
|
|
build-and-push:
|
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Checkout code
|
|
|
|
|
uses: actions/checkout@v3
|
|
|
|
|
|
|
|
|
|
- name: Set up Docker Buildx
|
|
|
|
|
uses: docker/setup-buildx-action@v2
|
|
|
|
|
|
|
|
|
|
- name: Log in to DockerHub
|
|
|
|
|
uses: docker/login-action@v2
|
|
|
|
|
with:
|
|
|
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
|
|
|
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
|
|
|
|
|
|
|
|
|
|
- name: Determine Tag Type
|
|
|
|
|
id: tag_type
|
|
|
|
|
run: |
|
|
|
|
|
if [[ "${{ github.event.release.prerelease }}" == "true" ]]; then
|
|
|
|
|
echo "tag=dev" >> $GITHUB_ENV
|
|
|
|
|
else
|
|
|
|
|
echo "tag=latest" >> $GITHUB_ENV
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
- name: Build, push, and generate SBOM and provenance
|
|
|
|
|
run: |
|
|
|
|
|
docker buildx build \
|
|
|
|
|
--provenance=true \
|
|
|
|
|
--sbom=true \
|
|
|
|
|
--push \
|
|
|
|
|
-t ${{ env.DOCKER_IMAGE_NAME }}:${{ github.event.release.tag_name }} \
|
|
|
|
|
-t ${{ env.DOCKER_IMAGE_NAME }}:${{ env.tag }} \
|
2024-12-30 14:18:26 -05:00
|
|
|
./18.0/
|
