Skip to content
.github/workflows/release.yml

.github/workflows/release.yml #7

Sign in to view logs

.github/workflows/release.yml

.github/workflows/release.yml #7

Workflow file for this run

.github/workflows/release.yml at d5e9e80
on:
release:
types: [published]
permissions:
contents: read
env:
GITHUB_ACTION_TAG: ${{ github.ref_name }}
jobs:
push-multiarch:
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/rancher-prime-registry/credentials registry | PRIME_REGISTRY ;
secret/data/github/repo/${{ github.repository }}/rancher-prime-registry/credentials username | PRIME_REGISTRY_USERNAME ;
secret/data/github/repo/${{ github.repository }}/rancher-prime-registry/credentials password | PRIME_REGISTRY_PASSWORD ;
secret/data/github/repo/${{ github.repository }}/github/release-app-credentials appId | APP_ID ;
secret/data/github/repo/${{ github.repository }}/github/release-app-credentials privateKey | PRIVATE_KEY
- name: "Generate GH App Token"
id: app-token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ env.APP_ID }}
private-key: ${{ env.PRIVATE_KEY }}
repositories: |
release-cni-plugin
release-container-networking-plugins
- name: Build and push image
uses: rancher/ecm-distro-tools/actions/publish-image@master
env:
CNI_SRC: x-access-token:${{ steps.app-token.outputs.token }}@github.com/rancher/release-cni-plugin
CNP_SRC: x-access-token:${{ steps.app-token.outputs.token }}@github.com/rancher/release-container-networking-plugins
with:
image: "hardened-cni-plugins"
tag: ${{ github.event.release.tag_name }}
push-to-public: false
prime-repo: rancher
prime-registry: ${{ env.PRIME_REGISTRY }}
prime-username: ${{ env.PRIME_REGISTRY_USERNAME }}
prime-password: ${{ env.PRIME_REGISTRY_PASSWORD }}