Docker Build and Push #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Build and Push | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - 'main' | |
| - '**dev' | |
| tags: | |
| - '*' | |
| paths: | |
| - 'src/**' | |
| - 'docker/**' | |
| release: | |
| types: [ published ] | |
| env: | |
| GITHUB_CONTAINER_PREFIX: ghcr.io | |
| DOCKER_IMAGE: WGErinys | |
| jobs: | |
| docker_build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| fail-fast: false | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.GITHUB_CONTAINER_PREFIX }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Extract Docker metadata from environment | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| type=sha,format=short,prefix= | |
| - name: Build and export Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ./docker/Dockerfile | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: linux/amd64,linux/arm64 | |
| # Initialy disabled | |
| # docker_scan: | |
| # if: ${{ github.event_name != 'pull_request' }} | |
| # runs-on: ubuntu-latest | |
| # needs: docker_build | |
| # steps: | |
| # - name: Log in to Docker Hub | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # registry: ${{ env.DOCKERHUB_PREFIX }} | |
| # username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| # password: ${{ secrets.DOCKER_HUB_PASSWORD }} | |
| # | |
| # - name: Log in to GitHub Container Registry | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # registry: ${{ env.GITHUB_CONTAINER_PREFIX }} | |
| # username: ${{ github.actor }} | |
| # password: ${{ secrets.GITHUB_TOKEN }} | |
| # | |
| # - name: Docker Scout CVEs | |
| # uses: docker/scout-action@v1 | |
| # with: | |
| # command: cves | |
| # image: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:main | |
| # only-severities: critical,high | |
| # only-fixed: true | |
| # write-comment: true | |
| # github-token: ${{ secrets.GITHUB_TOKEN }} | |
| # exit-code: true | |
| # | |
| # - name: Docker Scout Compare | |
| # uses: docker/scout-action@v1 | |
| # with: | |
| # command: compare | |
| # # Set to Github for maximum compat | |
| # image: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:main | |
| # to: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:latest | |
| # only-severities: critical,high | |
| # ignore-unchanged: true | |
| # github-token: ${{ secrets.GITHUB_TOKEN }} |