-
-
Notifications
You must be signed in to change notification settings - Fork 178
142 lines (121 loc) · 3.73 KB
/
images.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Build container images
on:
push:
branches:
- 'clangd-example'
workflow_dispatch:
env:
REGISTRY: ghcr.io
REPO_NAME: ${{ github.repository }}
jobs:
images-simple:
name: Images Build & Deploy
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write
strategy:
matrix:
image_names: [ eclipse.jdt.ls, groovy, clangd ]
timeout-minutes: 15
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY }}/${{ env.REPO_NAME }}/${{ matrix.image_names }}
# enforce latest tag for now
tags: |
type=raw,value=latest
- name: Build & Push
id: push
uses: docker/build-push-action@v6
with:
context: ./packages/examples/resources/${{ matrix.image_names }}
file: Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Attest
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.REPO_NAME }}/${{ matrix.image_names }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
images-clangd:
name: Clangd Build & Deploy
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write
timeout-minutes: 60
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (configure)
id: meta_configure
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY }}/${{ env.REPO_NAME }}/clangd-configure
# enforce latest tag for now
tags: |
type=raw,value=latest
- name: Extract metadata (build)
id: meta_build
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY }}/${{ env.REPO_NAME }}/clangd-build
# enforce latest tag for now
tags: |
type=raw,value=latest
- name: Build & Push (configure)
id: push_configure
uses: docker/build-push-action@v6
with:
context: ./packages/examples/resources/clangd
file: configure.Dockerfile
push: true
tags: ${{ steps.meta_configure.outputs.tags }}
labels: ${{ steps.meta_configure.outputs.labels }}
- name: Build & Push (build)
id: push_build
uses: docker/build-push-action@v6
with:
context: ./packages/examples/resources/clangd
file: build.Dockerfile
push: true
tags: ${{ steps.meta_build.outputs.tags }}
labels: ${{ steps.meta_build.outputs.labels }}
- name: Attest (configure)
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.REPO_NAME }}//clangd-configure
subject-digest: ${{ steps.push_configure.outputs.digest }}
push-to-registry: true
- name: Attest (configure)
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.REPO_NAME }}/clangd-build
subject-digest: ${{ steps.push_build.outputs.digest }}
push-to-registry: true