Garnet Docker images for Linux #581
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Garnet Docker images for Linux | |
| on: | |
| workflow_dispatch: # allow manual run | |
| workflow_run: | |
| workflows: ['Garnet .NET CI'] | |
| types: [completed] | |
| branches: [main] | |
| push: | |
| tags: 'v*' | |
| jobs: | |
| docker: | |
| strategy: | |
| matrix: | |
| include: | |
| - dockerfile: Dockerfile | |
| image: ghcr.io/${{ github.repository }} | |
| os: ubuntu-latest | |
| - dockerfile: Dockerfile.alpine | |
| image: ghcr.io/${{ github.repository }}-alpine | |
| os: ubuntu-latest | |
| - dockerfile: Dockerfile.ubuntu | |
| image: ghcr.io/${{ github.repository }}-jammy | |
| os: ubuntu-latest | |
| - dockerfile: Dockerfile.chiseled | |
| image: ghcr.io/${{ github.repository }}-jammy-chiseled | |
| os: ubuntu-latest | |
| - dockerfile: Dockerfile.cbl-mariner | |
| image: ghcr.io/${{ github.repository }}-cbl-mariner2.0 | |
| os: ubuntu-latest | |
| runs-on: ${{ matrix.os }} | |
| permissions: | |
| contents: read | |
| packages: write | |
| if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name != 'workflow_run' }} | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| - | |
| name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@8e1d5461f02b7886d3c1a774bfbd873650445aa2 # was v5 but now v6 with this commit for security reasons have pinned tag (commit SHA) for 3rd party | |
| with: | |
| images: ${{ matrix.image }} | |
| tags: | | |
| # generate Docker tags based on the following events/attributes | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=sha | |
| # set latest tag for default branch | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - | |
| name: Set up QEMU | |
| uses: docker/setup-qemu-action@4574d27a4764455b42196d70a065bc6853246a25 # v3 for security reasons have pinned tag (commit SHA) for 3rd party | |
| - | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3 for security reasons have pinned tag (commit SHA) for 3rd party | |
| - | |
| name: Login to GitHub Container Registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@327cd5a69de6c009b9ce71bce8395f28e651bf99 # was v3 but now v6 with this commit for security reasons have pinned tag (commit SHA) for 3rd party | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - | |
| name: Build and push | |
| uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v5 for security reasons have pinned tag (commit SHA) for 3rd party | |
| with: | |
| file: ${{ matrix.dockerfile }} | |
| provenance: false | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} |