Skip to content

Commit 2c70425

Browse files
committed
chore: add workflow
1 parent d3aced9 commit 2c70425

File tree

1 file changed

+77
-0
lines changed

1 file changed

+77
-0
lines changed

.github/workflows/release.yml

+77
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,77 @@
1+
on:
2+
push:
3+
branches: ["release"]
4+
pull_request:
5+
branches: ["release"]
6+
7+
env:
8+
REGISTRY: ghcr.io
9+
IMAGE_NAME: ${{ github.repository }}
10+
11+
jobs:
12+
build-and-publish:
13+
runs-on: ubuntu-latest
14+
permissions:
15+
packages: write
16+
contents: read
17+
attestations: write
18+
id-token: write
19+
steps:
20+
- name: checkout
21+
uses: actions/checkout@v2
22+
23+
- name: Set up QEMU
24+
uses: docker/setup-qemu-action@v3
25+
26+
- name: docker meta
27+
id: meta
28+
uses: docker/metadata-action@v5
29+
with:
30+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
31+
tags: type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'release') }}
32+
33+
- name: Set up Docker Buildx
34+
uses: docker/setup-buildx-action@v1
35+
36+
- name: Login to registry
37+
uses: docker/login-action@v1
38+
with:
39+
registry: ${{ env.REGISTRY }}
40+
username: ${{ github.actor }}
41+
password: ${{ secrets.GITHUB_TOKEN }}
42+
43+
- name: Build and push renderer
44+
id: push-renderer
45+
uses: docker/build-push-action@v2
46+
with:
47+
context: .
48+
file: ./renderer/dockerfile
49+
platforms: linux/amd64,linux/arm64
50+
push: ${{ github.event_name != 'pull_request' }}
51+
tags: ${{ steps.meta.outputs.tags }}
52+
labels: ${{ steps.meta.outputs.labels }}
53+
54+
- name: Build and push web-app
55+
id: push-web
56+
uses: docker/build-push-action@v2
57+
with:
58+
context: .
59+
file: ./web/dockerfile
60+
platforms: linux/amd64,linux/arm64
61+
push: ${{ github.event_name != 'pull_request' }}
62+
tags: ${{ steps.meta.outputs.tags }}
63+
labels: ${{ steps.meta.outputs.labels }}
64+
65+
- name: Generate artifact attestation for renderer
66+
uses: actions/attest-build-provenance@v1
67+
with:
68+
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
69+
subject-digest: ${{ steps.push-renderer.outputs.digest }}
70+
push-to-registry: true
71+
72+
- name: Generate artifact attestation for web-app
73+
uses: actions/attest-build-provenance@v1
74+
with:
75+
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
76+
subject-digest: ${{ steps.push-web.outputs.digest }}
77+
push-to-registry: true

0 commit comments

Comments
 (0)