2828 env :
2929 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
3030
31- buildx :
32- runs-on : ubuntu-latest
33-
34- env :
35- PLATFORMS : linux/amd64,linux/arm64
36- IMAGE_NAME : ${{ github.repository }}
37- REGISTRY : ghcr.io
38-
39- permissions :
40- contents : read
41- packages : write
42- attestations : write
43- id-token : write
44-
45- steps :
46-
47- - name : Checkout
48- uses : actions/checkout@v4
49-
50- - name : Docker meta
51- id : meta
52- uses : docker/metadata-action@v5
53- with :
54- images : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
55- tags : |
56- type=semver,pattern={{version}}
57- type=semver,prefix=v,pattern={{version}}
58- type=semver,prefix=v,pattern={{major}}.{{minor}}
59- type=semver,prefix=v,pattern={{major}}
60- type=sha
61-
62- name : Set up QEMU
63- uses : docker/setup-qemu-action@v3
64-
65- - name : Set up Docker Buildx
66- uses : docker/setup-buildx-action@v3
67-
68- - name : Login to GitHub Container Registry
69- uses : docker/login-action@v3
70- with :
71- registry : ghcr.io
72- username : ${{ github.actor }}
73- password : ${{ secrets.GITHUB_TOKEN }}
74-
75- - name : Build and push
76- id : push
77- uses : docker/build-push-action@v6
78- with :
79- platforms : ${{ env.PLATFORMS }}
80- tags : ${{ steps.meta.outputs.tags }}
81- labels : ${{ steps.meta.outputs.labels }}
82- build-args : |
83- BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
84- VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
85- REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
86- BUILDER=buildx
87- push : true
88-
89- - name : Generate artifact attestation
90- uses : actions/attest-build-provenance@v1
91- with :
92- subject-name : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
93- subject-digest : ${{ steps.push.outputs.digest }}
94- push-to-registry : true
31+
0 commit comments