Skip to content

Release image

Release image #3

Workflow file for this run

name: Release image
on:
workflow_dispatch:
inputs:
image:
description: "The OCI image name. This must not include a tag or digest."
type: string
default: "docker.io/laurentsimon/oss-na24-slsa-workshop-project1-echo-server"
digest:
description: "The OCI image digest. The image digest of the form '<algorithm>:<digest>' (e.g. 'sha256:abcdef...')"
type: string
default: "sha256:4004ae316501b67d4d2f7eb82b02f36f32f91101cc9a53d5eb4dd044c16a552e"
environment:
type: choice
description: Environment to use
options:
- prod
- staging
permissions: read-all
defaults:
run:
shell: bash
env:
IMAGE_REGISTRY: docker.io
IMAGE_NAME: ${{ github.repository }}-echo-server
REGISTRY_USERNAME: laurentsimon
jobs:
release:
permissions:
id-token: write # for creating OIDC tokens for signing.
packages: write # for uploading attestations.
contents: read # To read the repo.
uses: laurentsimon/oss-na24-slsa-workshop-organization/.github/workflows/image-releaser.yml@main
with:
environment: ${{ inputs.environment }}
image: ${{ needs.build.outputs.image }}
digest: ${{ needs.build.outputs.digest }}
# Use name rather than env variable because env are not available for reusable workflows.
registry-username: laurentsimon
#registry-username: ${{ github.actor }}
secrets:
registry-password: ${{ secrets.REGISTRY_PASSWORD }}
#registry-password: ${{ secrets.GITHUB_TOKEN }}