push-container-testing.yml
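# Reusable workflow (workflow_call): checks out the repository and hands
# .docker/prod.Dockerfile to greenbone's container-build-push-generic action,
# together with a cosign key and the registry credentials.
name: Container

on:
  workflow_call:
    inputs:
      # Interpolated into the `enable=` attribute of the `testing` tag below.
      is_latest_tag:
        required: true
        type: string
      # NOTE(review): required from the caller but not referenced in this file.
      is_version_tag:
        required: true
        type: string
    secrets:
      # NOTE(review): both Docker Hub secrets are required from the caller but
      # not referenced in this file. If they are no longer needed, remove them
      # here and in the callers so the credentials are not passed needlessly.
      dockerhub_user:
        required: true
      dockerhub_token:
        required: true
      # NOTE(review): the job reads secrets.cosign_key_opensight and
      # secrets.cosign_password_opensight, which are not declared here. They
      # presumably reach this workflow through `secrets: inherit` in the
      # caller; confirm, since otherwise the signing inputs would be empty.

jobs:
  # TODO: do we need to push or is building enough?
  # NOTE(review): no `permissions:` block is set, so GITHUB_TOKEN carries
  # whatever the caller or repository default grants. Consider declaring the
  # minimum this job needs (likely contents: read and packages: write; verify
  # against the build action's requirements before restricting).
  debian_testing:
    name: ghcr:debian:testing
    # NOTE(review): self-hosted runner, and the `type=ref,event=pr` tag below
    # suggests this job also runs for pull requests. Confirm that code from
    # untrusted forks cannot reach this runner, or that runners are ephemeral.
    runs-on: "self-hosted-generic"
    steps:
      # NOTE(review): both actions are referenced by mutable tags (@v4, @v3).
      # Pinning to a full commit SHA keeps a retagged release from changing
      # what runs with the signing key and registry token.
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # Keep GITHUB_TOKEN out of .git/config in the workspace: the only
          # later step is the image build, which should not need git
          # credentials, and the workspace lives on a self-hosted runner.
          persist-credentials: false
      - name: Container build and push 3rd gen
        id: build-and-push
        uses: greenbone/actions/container-build-push-generic@v3
        with:
          build-docker-file: .docker/prod.Dockerfile
          build-args: |
            REPOSITORY=${{ github.repository }}
          cosign-key: ${{ secrets.cosign_key_opensight }}
          cosign-key-password: ${{ secrets.cosign_password_opensight }}
          # The tlog function does not currently support an ed25519 key.
          # With upload disabled the signature has no transparency-log entry,
          # so consumers can only verify it against the public key.
          cosign-tlog-upload: "false"
          image-labels: |
            org.opencontainers.image.vendor=Greenbone
            org.opencontainers.image.base.name=greenbone/gvm-libs
          # Tag rules: `testing` when the caller sets is_latest_tag,
          # `testing-edge` on main, `testing-<branch>-<sha>` for pushes to
          # other branches, and a per-PR ref tag for pull requests.
          image-tags: |
            type=raw,value=testing,enable=${{ inputs.is_latest_tag }}
            type=raw,value=testing-edge,enable=${{ github.ref_name == 'main' }}
            type=raw,value=testing-{{branch}}-{{sha}},enable=${{ github.ref_type == 'branch' && github.event_name == 'push' && github.ref_name != 'main' }}
            type=ref,event=pr
          registry: ${{ vars.IMAGE_REGISTRY }}
          registry-username: ${{ github.actor }}
          registry-password: ${{ secrets.GITHUB_TOKEN }}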