Skip to content

#181 pass provided scope #154

#181 pass provided scope

#181 pass provided scope #154

Workflow file for this run

name: Build images
on:
push:
branches:
- main
release:
types:
- published
permissions:
packages: write
jobs:
build-images:
runs-on: ubuntu-latest
steps:
- name: Get current date
run: echo "curr_date=$(date --utc +%Y-%m-%dT%H:%M:%SZ)" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to ghcr.io
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Quay
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- name: Build and push ${{github.event.release.tag_name }}
id: docker_build_release
uses: docker/build-push-action@v5
if: ${{ github.event.release.tag_name != '' }}
with:
push: true
tags: ghcr.io/bakito/sealed-secrets-web:latest,ghcr.io/bakito/sealed-secrets-web:${{ github.event.release.tag_name }},quay.io/bakito/sealed-secrets-web:latest,quay.io/bakito/sealed-secrets-web:${{ github.event.release.tag_name }}
platforms: linux/amd64,linux/arm64
provenance: false
build-args: |
VERSION=${{ github.event.release.tag_name }}
BUILD=${{ env.curr_date }}
- name: Build and push main
id: docker_build_main
uses: docker/build-push-action@v5
if: ${{ github.event.release.tag_name == '' }}
with:
push: true
tags: ghcr.io/bakito/sealed-secrets-web:main,quay.io/bakito/sealed-secrets-web:main
platforms: linux/amd64,linux/arm64
provenance: false
build-args: |
VERSION=main
BUILD=${{ env.curr_date }}
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
# - name: Prune ghcr images
# uses: vlaurin/action-ghcr-prune@main
# with:
# token: ${{ secrets.PRUNE_IMAGE_TOKEN }}
# container: ${{github.event.repository.name}}
# dry-run: false # Dry-run first, then change to `false`
# older-than: 7 # days
# untagged: true