Skip to content

Commit 517992b

Browse files
committed
added action
1 parent 4bb8663 commit 517992b

1 file changed

Lines changed: 92 additions & 0 deletions

File tree

Lines changed: 92 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,92 @@
1+
name: Docker
2+
3+
# This workflow uses actions that are not certified by GitHub.
4+
# They are provided by a third-party and are governed by
5+
# separate terms of service, privacy policy, and support
6+
# documentation.
7+
8+
on:
9+
push:
10+
branches:
11+
- main
12+
- staging
13+
tags:
14+
- 'v*.*.*'
15+
pull_request:
16+
branches:
17+
- main
18+
- staging
19+
schedule:
20+
- cron: '19 2 * * *'
21+
22+
env:
23+
# Use docker.io for Docker Hub if empty
24+
REGISTRY: ghcr.io
25+
# github.repository as <account>/<repo>
26+
IMAGE_NAME: ${{ github.repository }}
27+
28+
jobs:
29+
build:
30+
runs-on: ubuntu-latest
31+
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/staging'
32+
permissions:
33+
contents: read
34+
packages: write
35+
# This is used to complete the identity challenge
36+
# with sigstore/fulcio when running outside of PRs.
37+
id-token: write
38+
39+
steps:
40+
- name: Checkout repository
41+
uses: actions/checkout@v4
42+
43+
# Install the cosign tool except on PR
44+
# https://github.com/sigstore/cosign-installer
45+
- name: Install cosign
46+
if: github.event_name != 'pull_request'
47+
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 #v3.5.0
48+
with:
49+
cosign-release: 'v2.2.4'
50+
51+
# Set up BuildKit Docker container builder to be able to build
52+
# multi-platform images and export cache
53+
# https://github.com/docker/setup-buildx-action
54+
- name: Set up Docker Buildx
55+
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
56+
57+
# Login against a Docker registry except on PR
58+
# https://github.com/docker/login-action
59+
- name: Log into registry ${{ env.REGISTRY }}
60+
if: github.event_name != 'pull_request'
61+
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
62+
with:
63+
registry: ${{ env.REGISTRY }}
64+
username: ${{ github.actor }}
65+
password: ${{ secrets.GITHUB_TOKEN }}
66+
67+
# Extract metadata (tags, labels) for Docker
68+
- name: Extract Docker metadata
69+
id: meta
70+
uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934
71+
with:
72+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
73+
tags: |
74+
type=ref,event=branch
75+
type=semver,pattern={{version}},enable=false
76+
77+
- name: Print tags before signing
78+
run: |
79+
echo "Tags to sign: ${{ steps.meta.outputs.tags }}"
80+
81+
82+
# Build and push Docker image with Buildx (don't push on PR)
83+
- name: Build and push Docker image
84+
if: github.event_name != 'pull_request'
85+
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
86+
with:
87+
context: .
88+
push: true
89+
tags: ${{ steps.meta.outputs.tags }}
90+
labels: ${{ steps.meta.outputs.labels }}
91+
cache-from: type=gha
92+
cache-to: type=gha,mode=max

0 commit comments

Comments
 (0)