Build echo-server #4

Summary
Jobs
- build
- provenance
- run
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/build-echo-server.yml at 02db575

	name: Build echo-server

	on:
	workflow_dispatch:

	permissions: read-all

	defaults:
	run:
	shell: bash

	env:
	IMAGE_REGISTRY: docker.io
	IMAGE_NAME: ${{ github.repository }}-echo-server
	REGISTRY_USERNAME: laurentsimon

	jobs:
	build:
	outputs:
	image: ${{ steps.image.outputs.image }}
	digest: ${{ steps.build.outputs.digest }}
	permissions:
	packages: write # for uploading attestations.
	contents: read
	runs-on: ubuntu-latest
	steps:
	- name: Checkout the repository
	uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.3.4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@dc7b9719a96d48369863986a06765841d7ea23f6 # v2.0.0

	- name: Authenticate Docker
	uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v2.0.0
	with:
	# Use docker to simpliy local testing.
	registry: ${{ env.IMAGE_REGISTRY }}
	username: ${{ env.REGISTRY_USERNAME }}
	password: ${{ secrets.REGISTRY_PASSWORD }}
	# username: ${{ github.actor }}
	# password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract metadata (tags, labels) for Docker
	id: meta
	uses: docker/metadata-action@69f6fc9d46f2f8bf0d5491e4aabe0bb8c6a4678a # v4.0.1
	with:
	images: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}

	- name: Build and push Docker image
	uses: docker/build-push-action@e551b19e49efd4e98792db7592c17c09b89db8d8 # v3.0.0
	id: build
	with:
	push: true
	context: "{{defaultContext}}:images/echo-server"
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

	- name: Output image
	id: image
	run: \|
	image_name="${IMAGE_REGISTRY}/${IMAGE_NAME}"
	echo "image=$image_name" >> "$GITHUB_OUTPUT"

	provenance:
	needs: [build]
	permissions:
	actions: read # for detecting the Github Actions environment.
	id-token: write # for creating OIDC tokens for signing.
	packages: write # for uploading attestations.
	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.10.0
	with:
	image: ${{ needs.build.outputs.image }}
	digest: ${{ needs.build.outputs.digest }}
	# Use name rather than env variable because env are not available for reusable workflows.
	registry-username: laurentsimon
	#registry-username: ${{ github.actor }}
	secrets:
	registry-password: ${{ secrets.REGISTRY_PASSWORD }}
	#registry-password: ${{ secrets.GITHUB_TOKEN }}

	run:
	needs: [build, provenance]
	runs-on: ubuntu-latest
	steps:
	- name: Authenticate Docker
	uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v2.0.0
	with:
	# Use docker to simpliy local testing.
	registry: ${{ env.IMAGE_REGISTRY }}
	username: ${{ env.REGISTRY_USERNAME }}
	password: ${{ secrets.REGISTRY_PASSWORD }}
	# username: ${{ github.actor }}
	# password: ${{ secrets.GITHUB_TOKEN }}
	- name: Run it
	env:
	IMAGE: ${{ needs.build.outputs.image }}
	DIGEST: ${{ needs.build.outputs.digest }}
	run: \|
	docker pull "${IMAGE}@${DIGEST}"

	# See https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions for log types.
	echo "::warning ${IMAGE}@${DIGEST}"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build echo-server #4

Workflow file

Build echo-server #4

Jobs

Run details

Workflow file for this run