ci(tools): update actions/create-github-app-token digest to 29824e6 #296
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # yaml-language-server: $schema=https://www.schemastore.org/github-workflow.json | |
| name: docker | |
| "on": | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - master | |
| tags: | |
| - v* | |
| pull_request: | |
| branches: | |
| - master | |
| permissions: | |
| contents: write | |
| packages: write | |
| jobs: | |
| docker: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| images: | | |
| webhippie/errors | |
| quay.io/webhippie/errors | |
| ghcr.io/webhippie/errors | |
| labels: | | |
| org.opencontainers.image.vendor=Webhippie | |
| maintainer=Thomas Boerger <thomas@webhippie.de> | |
| tags: | | |
| type=ref,event=pr | |
| type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }} | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| - name: Setup qemu | |
| uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3 | |
| - name: Setup buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 | |
| - name: Setup cosign | |
| if: github.event_name != 'pull_request' | |
| uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac # v3 | |
| - name: Hub login | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 | |
| if: github.event_name != 'pull_request' | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Quay login | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 | |
| if: github.event_name != 'pull_request' | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| - name: Ghcr login | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 | |
| if: github.event_name != 'pull_request' | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build image | |
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 | |
| with: | |
| builder: ${{ steps.buildx.outputs.name }} | |
| context: . | |
| file: cmd/errors/Dockerfile | |
| platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v6 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Sign images | |
| if: github.event_name != 'pull_request' | |
| env: | |
| COSIGN_KEY: ${{ secrets.COSIGN_KEY }} | |
| COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} | |
| run: | | |
| echo "${{ steps.meta.outputs.tags }}" | while read -r TAG; do | |
| cosign sign --yes --key env://COSIGN_KEY ${TAG} | |
| done | |
| readme: | |
| runs-on: ubuntu-latest | |
| needs: docker | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 | |
| - name: Hub readme | |
| uses: actionhippie/pushrm@2f7e4beeb0c27f1c319e85ef5bb7cf3a420e9d96 # v1 | |
| with: | |
| provider: dockerhub | |
| target: webhippie/errors | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| description: Default backend for Kubernetes Ingress | |
| readme: README.md | |
| - name: Quay readme | |
| uses: actionhippie/pushrm@2f7e4beeb0c27f1c319e85ef5bb7cf3a420e9d96 # v1 | |
| with: | |
| provider: quay | |
| target: quay.io/webhippie/errors | |
| apikey: ${{ secrets.QUAY_APIKEY }} | |
| readme: README.md | |
| ... |