fix(website): Link to correct release notes #4151
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Automated Builds | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "v*.*.*" | |
| pull_request: | |
| branches: | |
| - main | |
| schedule: | |
| - cron: "0 0 * * 0" | |
| jobs: | |
| docker: | |
| name: Docker Build and Push | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 | |
| with: | |
| images: | | |
| orhunp/git-cliff | |
| ghcr.io/${{ github.repository_owner }}/git-cliff/git-cliff | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=sha | |
| type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/') }} | |
| type=raw,value=main,enable=${{ github.ref == 'refs/heads/main' }} | |
| type=semver,pattern={{version}} | |
| - name: Find Image by SHA Tag | |
| id: image_sha_tag | |
| env: | |
| META_JSON: ${{ steps.meta.outputs.json }} | |
| # This jq script is the most direct way to pull the current sha tag for targeting | |
| # the security scan. | |
| # The JSON output is currently an object and one property is the tags array. | |
| # That array contains and entry like "ghcr.io/orhun/git-cliff/git-cliff:sha-1810ad6" | |
| # This JQ script pulls the tags, then selects the first one that contains both | |
| # `ghcr.io` and `:sha-`. The full tag value is then exported to be used later. | |
| run: | | |
| tag_value="$( | |
| jq -r ' | |
| first(.tags[] | select(contains("ghcr.io") and contains(":sha-"))) | |
| ' <<< "$META_JSON" | |
| )" | |
| echo "image=$tag_value" >> "$GITHUB_OUTPUT" | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 | |
| with: | |
| platforms: arm64 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 | |
| - name: Cache Docker layers | |
| uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Login to Docker Hub | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 | |
| with: | |
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
| - name: Login to GHCR | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push | |
| id: docker_build | |
| uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 | |
| with: | |
| context: ./ | |
| file: ./Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| builder: ${{ steps.buildx.outputs.name }} | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| sbom: true | |
| provenance: true | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache | |
| - name: Scan the image | |
| if: github.event_name != 'pull_request' | |
| uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0 | |
| with: | |
| image: ${{ steps.image_sha_tag.outputs.image }} | |
| - name: Image digest | |
| run: echo ${{ steps.docker_build.outputs.digest }} |