Skip to content

Fix Uncontrolled data used in path expression #15

Fix Uncontrolled data used in path expression

Fix Uncontrolled data used in path expression #15

Workflow file for this run

---
name: Docker Image TissUUmaps
on:
push:
branches:
- master
tags:
- "*"
release:
types: [published]
jobs:
build_and_push_to_registry:
if: github.repository == 'TissUUmaps/TissUUmaps'
name: Publish Docker Image
runs-on: ubuntu-latest
# Cancel earlier job if there is a new one for the same branch/release
concurrency:
group: ${{ github.ref }}-docker-build
cancel-in-progress: true
# Define the images/tags to build; will run in parallel
strategy:
matrix:
include:
- dockerfile: container/Dockerfile
images: |
docker.io/cavenel/tissuumaps
ghcr.io/TissUUmaps/TissUUmaps
permissions:
contents: read
packages: write
steps:
- name: Check out the repo
uses: actions/checkout@v3
# only needed when publishing to Dockerhub
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-single-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-single-buildx
- name: Log in to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# only needed when publishing to Github (ghcr.io)
- name: Log in to Github Container Repository
uses: docker/login-action@v2
with:
registry: ghcr.io
# will run as the user who triggered the action, using its token
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Meta
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ matrix.images }}
tags: |
type=ref,event=branch
type=pep440,pattern={{version}}
type=pep440,pattern={{major}}.{{minor}}.{{micro}}.{{patch}}
type=pep440,pattern={{major}}.{{minor}}.{{micro}}
type=pep440,pattern={{major}}.{{minor}}
type=pep440,pattern={{major}}
- name: Build and Publish
uses: docker/build-push-action@v3
with:
file: ${{ matrix.dockerfile }}
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache