wip #37

Workflow file for this run

	name: End-to-End Testing

	on:
	pull_request:
	push:
	branches:
	- main
	- 'releases/*'

	jobs:
	e2e-oci:
	name: Publish/Verify (Container Image)
	runs-on: ubuntu-latest
	permissions:
	contents: read
	id-token: write
	packages: write
	#services:
	#registry:
	#image: registry@sha256:860f379a011eddfab604d9acfe3cf50b2d6e958026fb0f977132b0b083b1a3d7 # 2.8.3
	#volumes:
	#- ${{ runner.temp }}/registry:/auth
	#ports:
	#- 5000:5000
	#env:
	#REGISTRY_AUTH: htpasswd
	#REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
	#REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
	env:
	REGISTRY: localhost:5000
	IMAGE_NAME: test
	IMAGE_TAG: latest
	USERNAME: ${{ github.actor }}
	PASSWORD: password
	steps:
	- name: Checkout
	id: checkout
	uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
	- name: htpasswd
	run: \|
	npx htpasswd --bcrypt --batch --nofile $USERNAME $PASSWORD > ${{ runner.temp }}/htpasswd
	docker run -d \
	-p "5000:5000" \
	-e "REGISTRY_AUTH=htpasswd" \
	-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
	-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
	-v "${{ runner.tmp }}/htpasswd:/auth/htpasswd" \
	registry@sha256:860f379a011eddfab604d9acfe3cf50b2d6e958026fb0f977132b0b083b1a3d7
	docker ps -a
	- name: Build Dockerfile
	run: \|
	cat <<EOF > Dockerfile
	FROM scratch
	COPY README.md .
	EOF
	- name: Login to GHCR
	uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ env.USERNAME }}
	password: ${{ env.PASSWORD }}
	- name: Build and push container image
	id: push
	uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
	with:
	context: .
	push: true
	tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
	- name: Attest image
	id: attest-action
	uses: ./
	with:
	subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
	subject-digest: ${{ steps.push.outputs.digest }}
	- name: Verify attestation
	env:
	GH_TOKEN: ${{ github.token }}
	run: \|
	gh ext install github-early-access/gh-attestation
	gh attestation verify oci://${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} -R ${{ github.repository }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

wip #37

Workflow file

wip #37

Jobs

Run details

Workflow file for this run