Skip to content

build(deps): bump golang from 1.22.6-alpine to 1.23.0-alpine (#53) #129

build(deps): bump golang from 1.22.6-alpine to 1.23.0-alpine (#53)

build(deps): bump golang from 1.22.6-alpine to 1.23.0-alpine (#53) #129

Workflow file for this run

name: docker
on:
push:
paths-ignore:
- ".github/**"
branches:
- "main"
tags:
- "v*.*.*"
jobs:
docker-build-push:
concurrency: "build"
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install cosign
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
uses: sigstore/cosign-installer@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: docker-meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
- name: Build and push
uses: docker/build-push-action@v6
id: docker-build
timeout-minutes: 10
with:
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.docker-meta.outputs.tags }}
labels: ${{ steps.docker-meta.outputs.labels }}
annotations: ${{ steps.docker-meta.outputs.annotations }}
cache-from: type=gha
cache-to: type=gha,mode=max
sbom: false
provenance: false
platforms: linux/amd64,linux/arm64
- name: Sign the published Docker image
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
env:
TAGS: ${{ steps.docker-meta.outputs.tags }}
DIGEST: ${{ steps.docker-build.outputs.digest }}
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}