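## Builds a multi-platform Docker image from the repository root and pushes
## it to ghcr.io as <repository>:latest. Runs nightly, on pushes and pull
## requests targeting main, and on manual dispatch. Pull requests build the
## image but never log in or push.
name: Docker Build and Publish

on:
  schedule:
    - cron: '37 7 * * *'
  push:
    branches: ["main"]
    paths-ignore:
      - '**/README.md'
  pull_request:
    branches: ["main"]
    paths-ignore:
      - '**/README.md'
  workflow_dispatch:

env:
  ## github.repository as <account>/<repo>
  IMAGE_NAME: ${{ github.repository }}

jobs:
  ## define job to build and publish docker image
  build-and-push-docker-image:
    ## NOTE(review): "amd" looks like a typo for "and", and the image is
    ## pushed to ghcr.io rather than Gitea. The name is left unchanged here
    ## because required status checks may refer to it.
    name: Build Docker image amd publish to Gitea
    ## NOTE(review): runner1 looks like a self-hosted runner label. Jobs
    ## triggered by pull_request build the PR's Dockerfile on that machine,
    ## so limit which contributors can trigger runs without approval and
    ## keep the runner isolated from long-lived credentials.
    runs-on: runner1
    ## Least privilege: read the source, write the container package.
    ## id-token: write is not granted because no step in this workflow
    ## requests an OIDC token (there is no sigstore/cosign signing step).
    ## Grant it again only together with a step that signs the image.
    permissions:
      contents: read
      packages: write

    ## NOTE(review): every `uses:` below references a mutable version tag.
    ## Pinning each action to a full commit SHA keeps a moved tag from
    ## changing the code that runs with packages: write.
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      ## https://github.com/docker/setup-buildx-action
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v2

      ## https://github.com/docker/login-action
      ## Skipped on pull requests so PR builds never hold registry
      ## credentials.
      - name: Login to GitHub Container Registry
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # ## https://github.com/docker/metadata-action
      # - name: Extract Docker metadata
      #   id: meta
      #   uses: docker/metadata-action@v4
      #   with:
      #     images: docker.io/caddy
      #     tags: |
      #       type=semver,pattern={{version}}
      #       type=semver,pattern={{major}}.{{minor}}
      #       type=semver,pattern={{major}}
      #     flavor: |
      #       latest=true

      ## https://github.com/docker/build-push-action
      - name: Build and push Docker image
        id: build-and-push
        uses: docker/build-push-action@v3
        with:
          ## NOTE(review): this disables the provenance attestation for the
          ## pushed image; confirm it is still required, since consumers
          ## then have no build attestation to verify.
          provenance: false
          context: .
          platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8
          ## Build only (no push) for pull requests.
          push: ${{ github.event_name != 'pull_request' }}
          # tags: ${{ steps.meta.outputs.tags }}
          # labels: ${{ steps.meta.outputs.labels }}
          ## Only the mutable :latest tag is published; consumers that need
          ## a fixed image should reference the digest printed below.
          tags: |
            ghcr.io/${{ env.IMAGE_NAME }}:latest
          cache-from: type=gha
          cache-to: type=gha,mode=max

      ## The digest is passed through an environment variable instead of
      ## being expanded into the script text, so the shell never parses the
      ## step output as code.
      - name: Image digest
        env:
          DIGEST: ${{ steps.build-and-push.outputs.digest }}
        run: echo "$DIGEST"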