re-added dockerhub verification #266
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci-to-dockerhub | |
| on: | |
| push: | |
| branches: [ main ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push | |
| id: docker_build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./ | |
| file: ./Dockerfile | |
| push: true | |
| tags: ${{ secrets.DOCKER_HUB_USERNAME }}/feroxbuster:latest | |
| - name: Image digest | |
| run: echo ${{ steps.docker_build.outputs.digest }} | |
| - name: Verify pushed image | |
| run: | | |
| # Wait a moment for the image to be available | |
| sleep 5 | |
| # Pull the image we just pushed | |
| docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/feroxbuster:latest | |
| # Get the digest of the pulled image | |
| PULLED_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' ${{ secrets.DOCKER_HUB_USERNAME }}/feroxbuster:latest | cut -d'@' -f2) | |
| PUSHED_DIGEST="${{ steps.docker_build.outputs.digest }}" | |
| echo "Pushed digest: $PUSHED_DIGEST" | |
| echo "Pulled digest: $PULLED_DIGEST" | |
| # Verify they match | |
| if [ "$PULLED_DIGEST" = "$PUSHED_DIGEST" ]; then | |
| echo "✓ Verification successful: Pulled image matches pushed image" | |
| # Test that the binary works | |
| docker run --rm ${{ secrets.DOCKER_HUB_USERNAME }}/feroxbuster:latest --version | |
| else | |
| echo "✗ Verification failed: Digests do not match" | |
| exit 1 | |
| fi |