add previous tags to images
commit 1a2f454a06e44273c3b1e861624fde065245f216
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:52:52 2024 +0200
Update 4-previous.Dockerfile
commit 46f975806b155d9f8455d8f3125e864136272e47
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:51:41 2024 +0200
Update 3-previous.Dockerfile
commit 1a58e8d1f6611f4d0821f40827e1d55f84139223
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:51:11 2024 +0200
.
commit 26ff12d889d8ecd43758a443a42a10f203e6d716
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:48:08 2024 +0200
Update 2-previous.Dockerfile
commit 96b449e4e8933e8703f51dea18f44e501c005152
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:48:01 2024 +0200
Update 2-previous.yml
commit 01727b711bd009a059b2041e6d86e5a5930339b8
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:47:24 2024 +0200
Update 2-previous.Dockerfile
commit 3d801fa9085e1903cb08502a16d43acbcd327a8b
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:46:57 2024 +0200
Update 2-previous.yml
commit c9b8c5d65c984833183ac4aae33b6113b5fe18df
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:46:29 2024 +0200
Create 2-previous.yml
commit dd2634c82e9d939fa3a7a5f1bd99f64746925c26
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:33:37 2024 +0200
Reapply "Reapply "Reapply "Update previous.Dockerfile"""
This reverts commit cfe320146a714d5bbb0c8779e6f05769e0d16a20.
commit cfe320146a714d5bbb0c8779e6f05769e0d16a20
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:33:30 2024 +0200
Revert "Reapply "Reapply "Update previous.Dockerfile"""
This reverts commit 54e71245b1f16415a78c4d3c098ea7c9120221ec.
commit d53a41d22bc76721b36dc49115cc69c344ba7d75
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:33:06 2024 +0200
Update previous.yml
commit 54e71245b1f16415a78c4d3c098ea7c9120221ec
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:30:33 2024 +0200
Reapply "Reapply "Update previous.Dockerfile""
This reverts commit f891f8d0910b51857e706edffccc19f8de2b304f.
commit f891f8d0910b51857e706edffccc19f8de2b304f
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:30:23 2024 +0200
Revert "Reapply "Update previous.Dockerfile""
This reverts commit 4627a5bb206896e8c4dbc48017ac9c25823939a3.
commit 6f4bc299cd701a95476c6a0259e7ac5df8f59a5c
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:30:02 2024 +0200
Update previous.yml
commit b7d99c3f96290e0a10e9eaf2590ea868279abecf
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:27:37 2024 +0200
Update previous.yml
commit a967166f8b47d0268a5fb8c1792bff1120e6c3ee
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 14:26:36 2024 +0200
Update previous.yml
commit 4627a5bb206896e8c4dbc48017ac9c25823939a3
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 11:30:10 2024 +0200
Reapply "Update previous.Dockerfile"
This reverts commit 018476facaedd4a707bf723ff84174dfd5c482d4.
commit 018476facaedd4a707bf723ff84174dfd5c482d4
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 11:29:41 2024 +0200
Revert "Update previous.Dockerfile"
This reverts commit 49fe68c02e67f9063af5ddb9dfea8481edb5cdfa.
commit 49fe68c02e67f9063af5ddb9dfea8481edb5cdfa
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 11:28:41 2024 +0200
Update previous.Dockerfile
commit f941baa12f5789b04dee61c7eef72a356e562ef0
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 11:28:34 2024 +0200
Update previous.Dockerfile
commit e6b5cc2df0178425fed3896c83052614dfb1830f
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 11:26:26 2024 +0200
Update previous.yml
commit f8bc81080b261d82776388395185ce8e5f920f53
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 11:24:55 2024 +0200
Update previous.yml
commit fa930a7d44eb8a7b050b28969b9f0247b1d0fea4
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 11:00:58 2024 +0200
in dev: adding previous tags
commit e903bdee75c00f84c5ffaaa2167eb4fde9c36193
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 11:00:07 2024 +0200
Update previous.yml
commit 402df5861f75b5e32d7d5c304ee9861fa0c01af5
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:54:05 2024 +0200
Reapply "Reapply "Update previous.Dockerfile""
This reverts commit 71618bc20a236cef2c6642dfb2bc19af42a15c4f.
commit 71618bc20a236cef2c6642dfb2bc19af42a15c4f
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:53:54 2024 +0200
Revert "Reapply "Update previous.Dockerfile""
This reverts commit 89162ea3ea3d1045bda41638c94e77d66e5c2066.
commit 89162ea3ea3d1045bda41638c94e77d66e5c2066
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:53:21 2024 +0200
Reapply "Update previous.Dockerfile"
This reverts commit 94a8a2a25fee461c51bae052c2e3b9291929a692.
commit 94a8a2a25fee461c51bae052c2e3b9291929a692
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:53:17 2024 +0200
Revert "Update previous.Dockerfile"
This reverts commit d3cd5a704bc205cb55b603f44e2469b2417318a3.
commit 0a7bf10b83855cfdaa4d40fa85ee0eff1ff4223b
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:51:57 2024 +0200
Update previous.yml
commit d3cd5a704bc205cb55b603f44e2469b2417318a3
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:45:26 2024 +0200
Update previous.Dockerfile
commit 4bb6fc08eab9e760bf5d0ec0173fd0f0769df548
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:45:19 2024 +0200
Update previous.Dockerfile
commit dfcb1920139a787ef36de68f67277bef4dc06a9e
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:43:16 2024 +0200
Update previous.yml
commit ca69f0899085ae661036efee5ead014e76928739
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:39:55 2024 +0200
Update previous.yml
commit f2b94ce928b16acf8e373dc2e2a423834861b3f4
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:38:34 2024 +0200
add tags for previous images
commit cefbc88a3cb1ea037ff4e411639c713c070f9bf1
Author: Anders Rytter Hansen <andersr+github@rytter.me>
Date: Wed May 22 10:38:27 2024 +0200
add tags for previous images cron file
This commit is contained in:
Anders Rytter Hansen
parent
c5028f5f5d
commit
f128069bbd
8 changed files with 450 additions and 0 deletions
111
.github/workflows/2-previous.yml
vendored
Normal file
111
.github/workflows/2-previous.yml
vendored
Normal file
|
|
@ -0,0 +1,111 @@
|
|||
name: 2-previous
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '30 3 */3 * *' # 3:30 am every 3rd day
|
||||
push:
|
||||
paths:
|
||||
- 'previous/2-previous.Dockerfile'
|
||||
|
||||
env:
|
||||
# Use docker.io for Docker Hub if empty
|
||||
REGISTRY: ghcr.io
|
||||
# github.repository as <account>/<repo>
|
||||
IMAGE_NAME: ${{ github.repository }}
|
||||
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
|
||||
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
# This is used to complete the identity challenge
|
||||
# with sigstore/fulcio when running outside of PRs.
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
|
||||
- name: Get current date
|
||||
id: date
|
||||
run: echo "::set-output name=date::$(date +'%Y%m%d')"
|
||||
|
||||
- name: Test with environment variables
|
||||
run: echo $DATE
|
||||
env:
|
||||
DATE: ${{ steps.date.outputs.date }}
|
||||
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# Install the cosign tool except on PR
|
||||
# https://github.com/sigstore/cosign-installer
|
||||
- name: Install cosign
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
|
||||
with:
|
||||
cosign-release: 'v2.1.1'
|
||||
|
||||
# Workaround: https://github.com/docker/build-push-action/issues/461
|
||||
- name: Setup Docker buildx
|
||||
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
|
||||
|
||||
# Login against a Docker registry except on PR
|
||||
# https://github.com/docker/login-action
|
||||
- name: Log into registry ${{ env.REGISTRY }}
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# Extract metadata (tags, labels) for Docker
|
||||
# https://github.com/docker/metadata-action
|
||||
- name: Extract Docker metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
|
||||
- name: Test with echo tag
|
||||
run: echo $tag
|
||||
env:
|
||||
tag: ${{ steps.meta.outputs.tags }}
|
||||
|
||||
# Build and push Docker image with Buildx (don't push on PR)
|
||||
# https://github.com/docker/build-push-action
|
||||
- name: Build and push Docker image
|
||||
id: build-and-push
|
||||
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
|
||||
with:
|
||||
file: previous/2-previous.Dockerfile
|
||||
context: .
|
||||
push: ${{ github.event_name != 'pull_request' }}
|
||||
tags: ghcr.io/andersrh/my-ostree-os:2-previous
|
||||
# labels: ${{ steps.meta.outputs.labels }}
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
|
||||
|
||||
# Sign the resulting Docker image digest except on PRs.
|
||||
# This will only write to the public Rekor transparency log when the Docker
|
||||
# repository is public to avoid leaking data. If you would like to publish
|
||||
# transparency data even for private images, pass --force to cosign below.
|
||||
# https://github.com/sigstore/cosign
|
||||
- name: Sign the published Docker image
|
||||
if: ${{ github.event_name != 'pull_request' }}
|
||||
env:
|
||||
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
|
||||
TAGS: ghcr.io/andersrh/my-ostree-os:2-previous
|
||||
DIGEST: ${{ steps.build-and-push.outputs.digest }}
|
||||
# This step uses the identity token to provision an ephemeral certificate
|
||||
# against the sigstore community Fulcio instance.
|
||||
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
|
||||
111
.github/workflows/3-previous.yml
vendored
Normal file
111
.github/workflows/3-previous.yml
vendored
Normal file
|
|
@ -0,0 +1,111 @@
|
|||
name: 3-previous
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '00 3 */3 * *' # 3:00 am every 3rd day
|
||||
push:
|
||||
paths:
|
||||
- 'previous/3-previous.Dockerfile'
|
||||
|
||||
env:
|
||||
# Use docker.io for Docker Hub if empty
|
||||
REGISTRY: ghcr.io
|
||||
# github.repository as <account>/<repo>
|
||||
IMAGE_NAME: ${{ github.repository }}
|
||||
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
|
||||
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
# This is used to complete the identity challenge
|
||||
# with sigstore/fulcio when running outside of PRs.
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
|
||||
- name: Get current date
|
||||
id: date
|
||||
run: echo "::set-output name=date::$(date +'%Y%m%d')"
|
||||
|
||||
- name: Test with environment variables
|
||||
run: echo $DATE
|
||||
env:
|
||||
DATE: ${{ steps.date.outputs.date }}
|
||||
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# Install the cosign tool except on PR
|
||||
# https://github.com/sigstore/cosign-installer
|
||||
- name: Install cosign
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
|
||||
with:
|
||||
cosign-release: 'v2.1.1'
|
||||
|
||||
# Workaround: https://github.com/docker/build-push-action/issues/461
|
||||
- name: Setup Docker buildx
|
||||
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
|
||||
|
||||
# Login against a Docker registry except on PR
|
||||
# https://github.com/docker/login-action
|
||||
- name: Log into registry ${{ env.REGISTRY }}
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# Extract metadata (tags, labels) for Docker
|
||||
# https://github.com/docker/metadata-action
|
||||
- name: Extract Docker metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
|
||||
- name: Test with echo tag
|
||||
run: echo $tag
|
||||
env:
|
||||
tag: ${{ steps.meta.outputs.tags }}
|
||||
|
||||
# Build and push Docker image with Buildx (don't push on PR)
|
||||
# https://github.com/docker/build-push-action
|
||||
- name: Build and push Docker image
|
||||
id: build-and-push
|
||||
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
|
||||
with:
|
||||
file: previous/3-previous.Dockerfile
|
||||
context: .
|
||||
push: ${{ github.event_name != 'pull_request' }}
|
||||
tags: ghcr.io/andersrh/my-ostree-os:3-previous
|
||||
# labels: ${{ steps.meta.outputs.labels }}
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
|
||||
|
||||
# Sign the resulting Docker image digest except on PRs.
|
||||
# This will only write to the public Rekor transparency log when the Docker
|
||||
# repository is public to avoid leaking data. If you would like to publish
|
||||
# transparency data even for private images, pass --force to cosign below.
|
||||
# https://github.com/sigstore/cosign
|
||||
- name: Sign the published Docker image
|
||||
if: ${{ github.event_name != 'pull_request' }}
|
||||
env:
|
||||
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
|
||||
TAGS: ghcr.io/andersrh/my-ostree-os:3-previous
|
||||
DIGEST: ${{ steps.build-and-push.outputs.digest }}
|
||||
# This step uses the identity token to provision an ephemeral certificate
|
||||
# against the sigstore community Fulcio instance.
|
||||
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
|
||||
111
.github/workflows/4-previous.yml
vendored
Normal file
111
.github/workflows/4-previous.yml
vendored
Normal file
|
|
@ -0,0 +1,111 @@
|
|||
name: 4-previous
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '30 2 */3 * *' # 2:30 am every 3rd day
|
||||
push:
|
||||
paths:
|
||||
- 'previous/4-previous.Dockerfile'
|
||||
|
||||
env:
|
||||
# Use docker.io for Docker Hub if empty
|
||||
REGISTRY: ghcr.io
|
||||
# github.repository as <account>/<repo>
|
||||
IMAGE_NAME: ${{ github.repository }}
|
||||
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
|
||||
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
# This is used to complete the identity challenge
|
||||
# with sigstore/fulcio when running outside of PRs.
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
|
||||
- name: Get current date
|
||||
id: date
|
||||
run: echo "::set-output name=date::$(date +'%Y%m%d')"
|
||||
|
||||
- name: Test with environment variables
|
||||
run: echo $DATE
|
||||
env:
|
||||
DATE: ${{ steps.date.outputs.date }}
|
||||
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# Install the cosign tool except on PR
|
||||
# https://github.com/sigstore/cosign-installer
|
||||
- name: Install cosign
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
|
||||
with:
|
||||
cosign-release: 'v2.1.1'
|
||||
|
||||
# Workaround: https://github.com/docker/build-push-action/issues/461
|
||||
- name: Setup Docker buildx
|
||||
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
|
||||
|
||||
# Login against a Docker registry except on PR
|
||||
# https://github.com/docker/login-action
|
||||
- name: Log into registry ${{ env.REGISTRY }}
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# Extract metadata (tags, labels) for Docker
|
||||
# https://github.com/docker/metadata-action
|
||||
- name: Extract Docker metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
|
||||
- name: Test with echo tag
|
||||
run: echo $tag
|
||||
env:
|
||||
tag: ${{ steps.meta.outputs.tags }}
|
||||
|
||||
# Build and push Docker image with Buildx (don't push on PR)
|
||||
# https://github.com/docker/build-push-action
|
||||
- name: Build and push Docker image
|
||||
id: build-and-push
|
||||
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
|
||||
with:
|
||||
file: previous/4-previous.Dockerfile
|
||||
context: .
|
||||
push: ${{ github.event_name != 'pull_request' }}
|
||||
tags: ghcr.io/andersrh/my-ostree-os:4-previous
|
||||
# labels: ${{ steps.meta.outputs.labels }}
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
|
||||
|
||||
# Sign the resulting Docker image digest except on PRs.
|
||||
# This will only write to the public Rekor transparency log when the Docker
|
||||
# repository is public to avoid leaking data. If you would like to publish
|
||||
# transparency data even for private images, pass --force to cosign below.
|
||||
# https://github.com/sigstore/cosign
|
||||
- name: Sign the published Docker image
|
||||
if: ${{ github.event_name != 'pull_request' }}
|
||||
env:
|
||||
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
|
||||
TAGS: ghcr.io/andersrh/my-ostree-os:4-previous
|
||||
DIGEST: ${{ steps.build-and-push.outputs.digest }}
|
||||
# This step uses the identity token to provision an ephemeral certificate
|
||||
# against the sigstore community Fulcio instance.
|
||||
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
|
||||
111
.github/workflows/previous.yml
vendored
Normal file
111
.github/workflows/previous.yml
vendored
Normal file
|
|
@ -0,0 +1,111 @@
|
|||
name: previous
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '0 4 */3 * *' # 4 am every 3rd day
|
||||
push:
|
||||
paths:
|
||||
- 'previous/previous.Dockerfile'
|
||||
|
||||
env:
|
||||
# Use docker.io for Docker Hub if empty
|
||||
REGISTRY: ghcr.io
|
||||
# github.repository as <account>/<repo>
|
||||
IMAGE_NAME: ${{ github.repository }}
|
||||
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
|
||||
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
# This is used to complete the identity challenge
|
||||
# with sigstore/fulcio when running outside of PRs.
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
|
||||
- name: Get current date
|
||||
id: date
|
||||
run: echo "::set-output name=date::$(date +'%Y%m%d')"
|
||||
|
||||
- name: Test with environment variables
|
||||
run: echo $DATE
|
||||
env:
|
||||
DATE: ${{ steps.date.outputs.date }}
|
||||
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# Install the cosign tool except on PR
|
||||
# https://github.com/sigstore/cosign-installer
|
||||
- name: Install cosign
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
|
||||
with:
|
||||
cosign-release: 'v2.1.1'
|
||||
|
||||
# Workaround: https://github.com/docker/build-push-action/issues/461
|
||||
- name: Setup Docker buildx
|
||||
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
|
||||
|
||||
# Login against a Docker registry except on PR
|
||||
# https://github.com/docker/login-action
|
||||
- name: Log into registry ${{ env.REGISTRY }}
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# Extract metadata (tags, labels) for Docker
|
||||
# https://github.com/docker/metadata-action
|
||||
- name: Extract Docker metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
|
||||
- name: Test with echo tag
|
||||
run: echo $tag
|
||||
env:
|
||||
tag: ${{ steps.meta.outputs.tags }}
|
||||
|
||||
# Build and push Docker image with Buildx (don't push on PR)
|
||||
# https://github.com/docker/build-push-action
|
||||
- name: Build and push Docker image
|
||||
id: build-and-push
|
||||
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
|
||||
with:
|
||||
file: previous/previous.Dockerfile
|
||||
context: .
|
||||
push: ${{ github.event_name != 'pull_request' }}
|
||||
tags: ghcr.io/andersrh/my-ostree-os:previous
|
||||
# labels: ${{ steps.meta.outputs.labels }}
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
|
||||
|
||||
# Sign the resulting Docker image digest except on PRs.
|
||||
# This will only write to the public Rekor transparency log when the Docker
|
||||
# repository is public to avoid leaking data. If you would like to publish
|
||||
# transparency data even for private images, pass --force to cosign below.
|
||||
# https://github.com/sigstore/cosign
|
||||
- name: Sign the published Docker image
|
||||
if: ${{ github.event_name != 'pull_request' }}
|
||||
env:
|
||||
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
|
||||
TAGS: ghcr.io/andersrh/my-ostree-os:previous
|
||||
DIGEST: ${{ steps.build-and-push.outputs.digest }}
|
||||
# This step uses the identity token to provision an ephemeral certificate
|
||||
# against the sigstore community Fulcio instance.
|
||||
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
|
||||
2
previous/2-previous.Dockerfile
Normal file
2
previous/2-previous.Dockerfile
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
FROM ghcr.io/andersrh/my-ostree-os:previous
|
||||
|
||||
1
previous/3-previous.Dockerfile
Normal file
1
previous/3-previous.Dockerfile
Normal file
|
|
@ -0,0 +1 @@
|
|||
FROM ghcr.io/andersrh/my-ostree-os:2-previous
|
||||
1
previous/4-previous.Dockerfile
Normal file
1
previous/4-previous.Dockerfile
Normal file
|
|
@ -0,0 +1 @@
|
|||
FROM ghcr.io/andersrh/my-ostree-os:3-previous
|
||||
2
previous/previous.Dockerfile
Normal file
2
previous/previous.Dockerfile
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
FROM ghcr.io/andersrh/my-ostree-os:main
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue