build(deps): bump golang from 1.21.6-alpine to 1.22.0-alpine (#28) #102

	name: docker

	on:
	push:
	paths-ignore:
	- ".github"
	branches:
	- "main"
	tags:
	- "v..*"

	jobs:
	docker-build-push:
	concurrency: "build"
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	id-token: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Install cosign
	if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
	uses: sigstore/cosign-installer@v3
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Login to DockerHub
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Docker meta
	id: docker-meta
	uses: docker/metadata-action@v5
	with:
	images: ghcr.io/islishude/web3-cli
	- name: Build and push
	uses: docker/build-push-action@v5
	id: docker-build
	timeout-minutes: 10
	with:
	push: ${{ github.event_name != 'pull_request' }}
	tags: ${{ steps.docker-meta.outputs.tags }}
	labels: ${{ steps.docker-meta.outputs.labels }}
	annotations: ${{ steps.docker-meta.outputs.annotations }}
	cache-from: type=gha
	cache-to: type=gha,mode=max
	sbom: true
	provenance: true
	platforms: linux/amd64,linux/arm64
	- name: Sign the published Docker image
	if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
	env:
	TAGS: ${{ steps.docker-meta.outputs.tags }}
	DIGEST: ${{ steps.docker-build.outputs.digest }}
	run: echo "${TAGS}" \| xargs -I {} cosign sign --yes {}@${DIGEST}

Provide feedback