feature/github-action #34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker | |
| on: | |
| push: | |
| tags: ["*"] | |
| branches: | |
| - "main" | |
| - "master" | |
| schedule: | |
| - cron: '0 4 * * 0' | |
| pull_request: | |
| branches: ["**"] | |
| env: | |
| # Hostname of your registry | |
| REGISTRY: docker.io | |
| GH_REGISTRY: ghcr.io | |
| # Image repository, without hostname and tag | |
| IMAGE_NAME: alpine/used-for-docker-scout-score-check-only | |
| GH_IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/used-for-docker-scout-score-check-only | |
| SHA: ${{ github.event.pull_request.head.sha || github.event.after }} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| # Checkout the repository | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| # Set up Docker Buildx (optional if you want to use Buildx features like multi-platform builds) | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # Log in to GitHub Container Registry | |
| - name: Log in to GitHub Container Registry ${{ env.GH_REGISTRY}} | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.GH_REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Extract metadata (tags, labels) for Docker | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.GH_REGISTRY }}/${{ env.IMAGE_NAME }} | |
| labels: | | |
| org.opencontainers.image.revision=${{ env.SHA }} | |
| tags: | | |
| type=edge,branch=$repo.default_branch | |
| type=semver,pattern=v{{version}} | |
| type=sha,prefix=,suffix=,format=short | |
| - name: Build and push GHCR image | |
| id: build-and-push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| sbom: ${{ github.event_name != 'pull_request' }} | |
| provenance: ${{ github.event_name != 'pull_request' }} | |
| push: ${{ github.event_name != 'pull_request' }} | |
| load: ${{ github.event_name == 'pull_request' }} | |
| tags: ${{ env.GH_IMAGE_NAME}}/${{ env.SHA }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| # - name: Checkout code | |
| # uses: actions/checkout@v2 | |
| # - name: check the platform in multi-arch images | |
| # run: | | |
| # echo ${{ steps.meta.outputs.tags }} | |
| # bash ./test.sh ${{ steps.meta.outputs.tags }} | |
| - name: set tags | |
| run: | | |
| # install crane | |
| curl -LO https://github.com/google/go-containerregistry/releases/download/v0.20.2/go-containerregistry_Linux_x86_64.tar.gz | |
| tar zxvf go-containerregistry_Linux_x86_64.tar.gz | |
| chmod +x crane | |
| export VERSION=($(docker run -i --rm ${{ steps.meta.outputs.tags }} version|awk '{print $NF}')) | |
| echo $VERSION | |
| ./crane auth login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }} index.docker.io | |
| ./crane copy ${{ env.GH_IMAGE_NAME }}/${{ env.SHA }} ${{ env.IMAGE_NAME }}:latest | |
| ./crane copy ${{ env.GH_IMAGE_NAME }}/${{ env.SHA }} ${{ env.IMAGE_NAME }}:${VERSION} | |
| rm -rf /home/runner/.docker/config.json |