-
-
Notifications
You must be signed in to change notification settings - Fork 17
71 lines (66 loc) · 2.33 KB
/
publish.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
name: Build images
on:
push:
branches:
- main
release:
types:
- published
permissions:
packages: write
jobs:
build-images:
runs-on: ubuntu-latest
steps:
- name: Get current date
run: echo "curr_date=$(date --utc +%Y-%m-%dT%H:%M:%SZ)" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to ghcr.io
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Quay
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- name: Build and push ${{github.event.release.tag_name }}
id: docker_build_release
uses: docker/build-push-action@v6
if: ${{ github.event.release.tag_name != '' }}
with:
push: true
tags: ghcr.io/bakito/sealed-secrets-web:latest,ghcr.io/bakito/sealed-secrets-web:${{ github.event.release.tag_name }},quay.io/bakito/sealed-secrets-web:latest,quay.io/bakito/sealed-secrets-web:${{ github.event.release.tag_name }}
platforms: linux/amd64,linux/arm64
provenance: false
build-args: |
VERSION=${{ github.event.release.tag_name }}
BUILD=${{ env.curr_date }}
- name: Build and push main
id: docker_build_main
uses: docker/build-push-action@v6
if: ${{ github.event.release.tag_name == '' }}
with:
push: true
tags: ghcr.io/bakito/sealed-secrets-web:main,quay.io/bakito/sealed-secrets-web:main
platforms: linux/amd64,linux/arm64
provenance: false
build-args: |
VERSION=main
BUILD=${{ env.curr_date }}
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
# - name: Prune ghcr images
# uses: vlaurin/action-ghcr-prune@main
# with:
# token: ${{ secrets.PRUNE_IMAGE_TOKEN }}
# container: ${{github.event.repository.name}}
# dry-run: false # Dry-run first, then change to `false`
# older-than: 7 # days
# untagged: true