feat(ci): enhance process

Alwatr · Nov 27, 2023 · 3b67ae2 · 3b67ae2
1 parent 85a422d
commit 3b67ae2
Showing 1 changed file with 18 additions and 17 deletions.
diff --git a/.github/workflows/publish-container.yml b/.github/workflows/publish-container.yml
@@ -87,14 +87,15 @@ jobs:
 
       - name: ❔ Check Container files changed
         id: file_change
+        if: ${{ github.event_name != 'release' && github.event_name != 'workflow_dispatch' }}
         uses: dorny/[email protected]
         with:
           filters: |
             container_folder:
               ./${{ matrix.path }}/*
 
       - name: 🏗 Extract version from dockerfile
-        if: ${{ steps.file_change.outputs.container_folder == 'true' }}
+        if: ${{ steps.file_change.outputs.container_folder != 'false' }}
         id: version
         run: |
           version_full=$(grep 'cloud.alwatr.image.version.full' ./${{ matrix.path }}/Dockerfile | cut -d'"' -f2)
@@ -105,37 +106,37 @@ jobs:
           echo "version_short: $version_short"
 
       - name: 🏗 Install cosign
-        if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder == 'true' }}
+        if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder != 'false' }}
         uses: sigstore/[email protected]
 
       - name: 🏗 Setup Docker Buildx
-        if: ${{ steps.file_change.outputs.container_folder == 'true' }}
+        if: ${{ steps.file_change.outputs.container_folder != 'false' }}
         uses: docker/[email protected]
 
       - name: 🏗 Cache Docker Layers
-        if: ${{ steps.file_change.outputs.container_folder == 'true' }}
+        if: ${{ steps.file_change.outputs.container_folder != 'false' }}
         uses: actions/cache@v3
         with:
           path: /tmp/.buildx-cache
-          key: container-${{ matrix.name }}
+          key: container/${{ matrix.path }}
 
       - name: 🏗 Log into docker hub registry
-        if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder == 'true' }}
+        if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder != 'false' }}
         uses: docker/[email protected]
         with:
           username: ${{env.USER}}
           password: ${{secrets.DOCKER_HUB_TOKEN}}
 
       - name: 🏗 Log into ghcr.io registry
-        if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder == 'true' }}
+        if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder != 'false' }}
         uses: docker/[email protected]
         with:
           registry: ghcr.io
           username: ${{env.USER}}
           password: ${{secrets.GITHUB_TOKEN}}
 
       - name: 🚀 Build and push container image
-        if: ${{ steps.file_change.outputs.container_folder == 'true' }}
+        if: ${{ steps.file_change.outputs.container_folder != 'false' }}
         id: build_and_push
         uses: docker/[email protected]
         with:
@@ -152,12 +153,12 @@ jobs:
             BUILD_DATE=${{github.event.repository.updated_at}}
             BUILD_REV=${{github.sha}}
 
-      - name: 🏗 Sign the image with GitHub OIDC Token
-        if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder == 'true' }}
-        env:
-          COSIGN_EXPERIMENTAL: 'true'
-        run: |
-          cosign sign --yes "ghcr.io/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_full}}@${{steps.build_and_push.outputs.digest}}"
-          cosign sign --yes "ghcr.io/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_short}}@${{steps.build_and_push.outputs.digest}}"
-          cosign sign --yes "docker.io/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_full}}@${{steps.build_and_push.outputs.digest}}"
-          cosign sign --yes "docker.io/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_short}}@${{steps.build_and_push.outputs.digest}}"
+      # - name: 🏗 Sign the image with GitHub OIDC Token
+      #   if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder != 'false' }}
+      #   env:
+      #     COSIGN_EXPERIMENTAL: 'true'
+      #   run: |
+      #     cosign sign --yes "ghcr.io/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_full}}@${{steps.build_and_push.outputs.digest}}"
+      #     cosign sign --yes "ghcr.io/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_short}}@${{steps.build_and_push.outputs.digest}}"
+      #     cosign sign --yes "docker.io/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_full}}@${{steps.build_and_push.outputs.digest}}"
+      #     cosign sign --yes "docker.io/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_short}}@${{steps.build_and_push.outputs.digest}}"