greenbone · bjoernricks · Jan 30, 2025 · Jan 30, 2025 · Jan 30, 2025 · Jan 30, 2025
@@ -1,97 +1,29 @@
-name: Container Image Builds
+name: Build and Push to Container Image
 
 on:
   push:
     branches:
       - main
-    tags: ['v24.*']
+    tags:
+      - 'v24*'
   pull_request:
     branches:
       - main
   workflow_dispatch:
     inputs:
       ref-name:
         type: string
-        description: 'The ref to build a container image from. For example a tag v24.0.0.'
+        description: 'The ref to build a container image from. For example a tag v23.0.0.'
         required: true
 
 jobs:
-  images:
-    permissions:
-      contents: read
-      packages: write
-    name: Build and upload container images
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          fetch-tags: true
-          ref: ${{ inputs.ref-name || '' }}
-      - uses: greenbone/actions/is-latest-tag@v3
-        id: latest
-        with:
-          tag-name: ${{ inputs.ref-name || github.ref_name }}
-      - name: Setup container meta information
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: |
-            name=${{ github.repository }},enable=${{ github.event_name != 'pull_request' }}
-            name=${{ vars.IMAGE_REGISTRY }}/${{ github.repository }}
-          context: git
-          labels: |
-            org.opencontainers.image.vendor=Greenbone
-            org.opencontainers.image.base.name=greenbone/gsad
-          flavor: latest=false # no latest container tag for git tags
-          tags: |
-            # use version, major.minor and major for tags
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=semver,pattern={{major}}
-
-            # use edge for default branch
-            type=edge
-
-            # set label for non-published pull request builds
-            type=raw,value=${{ github.event.pull_request.head.ref }},enable=${{ github.event_name == 'pull_request' }}
-
-            # when a new git tag is created set stable and a latest tags
-            type=raw,value=latest,enable=${{ steps.latest.outputs.is-latest-tag == 'true' }}
-            type=raw,value=stable,enable=${{ steps.latest.outputs.is-latest-tag == 'true' }}
-      - name: Set container build options
-        id: container-opts
-        run: |
-          if [[ "${{ github.ref_type }}" = 'tag' ]]; then
-            echo "version=stable" >> $GITHUB_OUTPUT
-          else
-            echo "version=edge" >> $GITHUB_OUTPUT
-          fi
-      - name: Login to Docker Registry
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.action }}
-          password: ${{ github.token }}
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-      - name: Build and push Container image
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          push: true
-          build-args: |
-            VERSION=${{ steps.container-opts.outputs.version }}
-          file: .docker/prod.Dockerfile
-          platforms: ${{ steps.container-opts.outputs.version == 'edge' && 'linux/amd64' || 'linux/amd64,linux/arm64' }}
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
+  build:
+    name: Build and Push to Greenbone Registry
+    uses: greenbone/workflows/.github/workflows/container-build-push-2nd-gen.yml@main
+    with:
+      image-url: community/gsa
+      image-labels: |
+        org.opencontainers.image.vendor=Greenbone
+        org.opencontainers.image.base.name=greenbone/gsad
+      ref-name: ${{ inputs.ref-name }}
+    secrets: inherit