aiolabs/lightning-pub
2
0
Fork 0
Code Issues 9 Pull requests 4 Projects Releases Packages Wiki Activity Actions

docker workflow

Browse source
This commit is contained in:
Justin (shocknet) 2024-05-20 13:16:18 -04:00
parent 0242397085
commit 241a4eccbb
1 changed files with 25 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

47
.github/workflows/push.yml vendored
View file

@ -2,7 +2,8 @@ name: Create and publish a Docker image
on: on:
release: release:
types: [created] types: [created, published, prereleased]
workflow_dispatch: # This allows manual triggering of the workflow
env: env:
REGISTRY: ghcr.io REGISTRY: ghcr.io
@ -22,39 +23,41 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Log in to the Container registry - name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 uses: docker/login-action@v2
with: with:
registry: ${{ env.REGISTRY }} registry: ${{ env.REGISTRY }}
username: ${{ github.actor }} username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker - name: Extract metadata (tags, labels) for Docker
id: meta id: meta
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 uses: docker/metadata-action@v4
with: with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build Docker image - name: Build and push Docker image
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 id: build-and-push
uses: docker/build-push-action@v4
with: with:
context: . context: .
push: false file: ./Dockerfile
tags: ${{ steps.meta.outputs.tags }} push: true
tags: ghcr.io/${{ github.repository_owner }}/lightning-pub:latest
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
- name: Capture image digest
id: capture-digest
run: |
DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' ghcr.io/${{ github.repository_owner }}/lightning-pub:latest | cut -d'@' -f2)
echo "Raw Digest is $DIGEST"
echo "::set-output name=digest::$DIGEST"
- name: Debug Print Digest
run: echo "Digest is ${{ steps.capture-digest.outputs.digest }}"
- name: Attest build provenance - name: Attest build provenance
uses: actions/attest-build-provenance@v1 uses: actions/attest-build-provenance@v1
with: with:
artifact-digest: ${{ steps.push.outputs.digest }} subject-digest: ${{ steps.capture-digest.outputs.digest }}
artifact-type: 'container-image' subject-name: ghcr.io/${{ github.repository_owner }}/lightning-pub:latest
artifact-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} github-token: ${{ secrets.PAT_TOKEN }}
materials: '[{"uri":"git+https://github.com/${{ github.repository }}","digest":{"sha1":"${{ github.sha }}"},"mediaType":"application/vnd.github.v3+json"}]'
- name: Push Docker image
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}