Skip to content

Create and publish a Docker image #2037

Create and publish a Docker image

Create and publish a Docker image #2037

Workflow file for this run

name: Create and publish a Docker image
on:
push:
tags:
- '*'
branches: [ continuous-release-exo ]
env:
BRANCH_BUILD_TAGS: "nightly-exo"
jobs:
parse-docker-build-env:
name: 'Parse Docker Build Environment'
runs-on: ubuntu-latest
outputs:
buildTags: ${{ steps.detect-push-event.outputs.buildTags }}
steps:
- name: Check if push is a tag or branch
id: detect-push-event
run: |
if [[ $GITHUB_REF == refs/tags/* ]]; then
echo "This is a tag push (${GITHUB_REF#refs/tags/})"
echo "Building docker tag: ${GITHUB_REF#refs/tags/}"
echo "buildTags=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
elif [[ $GITHUB_REF == refs/heads/* ]]; then
echo "This is a branch push (${GITHUB_REF#refs/heads/})"
echo "Building docker tags: ${{ env.BRANCH_BUILD_TAGS }}"
echo "buildTags=${{ env.BRANCH_BUILD_TAGS }}" >> $GITHUB_OUTPUT
else
echo "Unknown push type"
exit 1
fi
build-dockerhub-image:
permissions:
contents: read
packages: write
id-token: write
attestations: write
name: "Build Docker Images to DockerHub Registry"
uses: exoplatform/swf-scripts/.github/workflows/buildDockerImage.yml@master
needs: parse-docker-build-env
with:
dockerImage: "meedsio/meeds"
dockerImageTag: ${{ needs.parse-docker-build-env.outputs.buildTags }}
signImage: true
cosignImage: true
attestImage: true
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_PRIVATE_KEY_ID: ${{ secrets.DOCKER_PRIVATE_KEY_ID }}
DOCKER_PRIVATE_KEY: ${{ secrets.DOCKER_PRIVATE_KEY }}
DOCKER_PRIVATE_KEY_PASSPHRASE: ${{ secrets.DOCKER_PRIVATE_KEY_PASSPHRASE }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
build-ghcr-image:
permissions:
contents: read
packages: write
id-token: write
attestations: write
name: "Build Docker Images to Github Container Registry"
uses: exoplatform/swf-scripts/.github/workflows/buildDockerImage.yml@master
needs: parse-docker-build-env
with:
dockerRegistry: "ghcr.io"
dockerImage: "meeds-io/meeds/meeds-io"
dockerImageTag: ${{ needs.parse-docker-build-env.outputs.buildTags }}
cosignImage: true
cosignOidcImage: true
attestImage: true
attestImageRegistry: "ghcr.io"
secrets:
DOCKER_USERNAME: ${{ secrets.SWF_ACTOR }}
DOCKER_PASSWORD: ${{ secrets.SWF_TOKEN }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}