Skip to content

Merge pull request #20 from zazukoians/dependabot/docker/docker/adfre… #33

Merge pull request #20 from zazukoians/dependabot/docker/docker/adfre…

Merge pull request #20 from zazukoians/dependabot/docker/docker/adfre… #33

Workflow file for this run

name: Build and push Docker images
on:
push:
branches:
- main
tags:
- "v*.*.*"
jobs:
server:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Cosign
uses: sigstore/cosign-installer@v3.7.0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/zazukoians/qlever-server
tags: |
type=ref,event=branch
type=semver,prefix=v,pattern={{version}}
type=semver,prefix=v,pattern={{major}}.{{minor}}
type=semver,prefix=v,pattern={{major}}
type=sha
- name: Build and push Docker images
id: docker_build
uses: docker/build-push-action@v6
with:
context: ./docker/
file: ./docker/server.Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
platforms: |
linux/amd64
linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Sign the images with GitHub OIDC Token
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
TAGS: ${{ steps.docker_meta.outputs.tags }}
run: |
images=""
for tag in ${TAGS}; do
images+="${tag}@${DIGEST} "
done
cosign sign --yes ${images}
ui:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Cosign
uses: sigstore/cosign-installer@v3.7.0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/zazukoians/qlever-ui
tags: |
type=ref,event=branch
type=semver,prefix=v,pattern={{version}}
type=semver,prefix=v,pattern={{major}}.{{minor}}
type=semver,prefix=v,pattern={{major}}
type=sha
- name: Build and push Docker images
id: docker_build
uses: docker/build-push-action@v6
with:
context: ./docker/
file: ./docker/ui.Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
platforms: |
linux/amd64
linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Sign the images with GitHub OIDC Token
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
TAGS: ${{ steps.docker_meta.outputs.tags }}
run: |
images=""
for tag in ${TAGS}; do
images+="${tag}@${DIGEST} "
done
cosign sign --yes ${images}