Build & Scan Portage CD Images #15
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build portage | |
| run-name: "Build & Scan Portage CD Images" | |
| permissions: | |
| contents: read | |
| checks: write | |
| packages: write | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - 'main' | |
| tags: [ '*' ] | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| image_delivery: | |
| runs-on: ubuntu-latest | |
| name: Build Image with Docker Action | |
| steps: | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: actions/checkout@v4 | |
| - name: Set outputs | |
| id: vars | |
| run: | | |
| image_repo=ghcr.io/easy-up/portage | |
| image_tag=${GITHUB_SHA::8} | |
| # If on a git tag like vx.x.x, change the image tag to reflect | |
| if [[ $GITHUB_REF == refs/tags/v* ]]; then | |
| image_tag=${GITHUB_REF/refs\/tags\//} | |
| fi | |
| # Image Names | |
| echo "image_name=$image_repo:$image_tag" >> $GITHUB_OUTPUT | |
| echo "podman_image_name=$image_repo:podman-$image_tag" >> $GITHUB_OUTPUT | |
| # Build Variables | |
| echo "version=$(git describe --tags)" >> $GITHUB_OUTPUT | |
| echo "git_commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT | |
| echo "git_description=$(git log -1 --pretty=%B | head -n 1)" >> $GITHUB_OUTPUT | |
| - name: Build and push | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| tags: ${{ steps.vars.outputs.image_name }} | |
| build-args: "VERSION=${{ steps.vars.outputs.version }},GIT_COMMIT=${{ steps.vars.outputs.git_commit }},GIT_DESCRIPTION=${{ steps.vars.outputs.git_description }}" | |
| - name: Build and push podman target | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| tags: ${{ steps.vars.outputs.podman_image_name }} | |
| build-args: "VERSION=${{ steps.vars.outputs.version }},GIT_COMMIT=${{ steps.vars.outputs.git_commit }},GIT_DESCRIPTION=${{ steps.vars.outputs.git_description }}" | |
| target: portage-podman | |
| - name: Run Portage CD Scans | |
| uses: easy-up/portage-cd-actions/image-build-scan-publish/docker@main | |
| with: | |
| image_build_enabled: false | |
| image_publish_enabled: false | |
| tag: ${{ steps.vars.outputs.image_name }} | |
| build_args: "VERSION=${{ steps.vars.outputs.version }},GIT_COMMIT=${{ steps.vars.outputs.git_commit }},GIT_DESCRIPTION=${{ steps.vars.outputs.git_description }}" | |
| - name: job summary | |
| shell: bash | |
| run: | | |
| echo "## Docker Action Image Build and Push Summary" >> $GITHUB_STEP_SUMMARY | |
| echo ":white_check_mark: Image (Docker CLI): ${{ steps.vars.outputs.image_name }}" >> $GITHUB_STEP_SUMMARY | |
| echo ":white_check_mark: Image (Podman CLI): ${{ steps.vars.outputs.podman_image_name }}" >> $GITHUB_STEP_SUMMARY |