Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

lowercase the repo name in workflows for use as the container name #24

Closed
wants to merge 1 commit into from
Closed

lowercase the repo name in workflows for use as the container name #24

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 7 additions & 4 deletions .github/workflows/build-image-signed-cosign-malicious.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ on:

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
build:
Expand Down Expand Up @@ -44,13 +43,17 @@ jobs:
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/${{ github.repository }}:latest,ghcr.io/${{ github.repository }}:daily
tags: ghcr.io/${{ env.IMAGE_NAME }}:latest,ghcr.io/${{ env.IMAGE_NAME }}:daily
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
Expand All @@ -60,5 +63,5 @@ jobs:
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
echo "ghcr.io/${{ github.repository }}:daily" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ github.repository }}:latest" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ env.IMAGE_NAME }}:daily" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ env.IMAGE_NAME }}:latest" | xargs -I {} cosign sign --yes {}@${DIGEST}
9 changes: 6 additions & 3 deletions .github/workflows/build-image-signed-cosign-static-copied.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ on:

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
build:
Expand Down Expand Up @@ -40,12 +39,16 @@ jobs:
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
push: true
tags: ghcr.io/${{ github.repository }}:static
tags: ghcr.io/${{ env.IMAGE_NAME }}:static
context: .
file : Dockerfile.static

Expand All @@ -54,4 +57,4 @@ jobs:
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
echo "ghcr.io/${{ github.repository }}:static" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ env.IMAGE_NAME }}:static" | xargs -I {} cosign sign --yes {}@${DIGEST}
9 changes: 6 additions & 3 deletions .github/workflows/build-image-signed-cosign-static.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ on:

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
build:
Expand Down Expand Up @@ -40,12 +39,16 @@ jobs:
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
push: true
tags: ghcr.io/${{ github.repository }}:static
tags: ghcr.io/${{ env.IMAGE_NAME }}:static
context: .
file : Dockerfile.static

Expand All @@ -54,4 +57,4 @@ jobs:
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
echo "ghcr.io/${{ github.repository }}:static" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ env.IMAGE_NAME }}:static" | xargs -I {} cosign sign --yes {}@${DIGEST}
11 changes: 7 additions & 4 deletions .github/workflows/build-image-signed-cosign.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ on:

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
build:
Expand Down Expand Up @@ -40,13 +39,17 @@ jobs:
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/${{ github.repository }}:latest,ghcr.io/${{ github.repository }}:daily
tags: ghcr.io/${{ env.IMAGE_NAME }}:latest,ghcr.io/${{ env.IMAGE_NAME }}:daily
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
Expand All @@ -56,5 +59,5 @@ jobs:
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
echo "ghcr.io/${{ github.repository }}:daily" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ github.repository }}:latest" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ env.IMAGE_NAME }}:daily" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ env.IMAGE_NAME }}:latest" | xargs -I {} cosign sign --yes {}@${DIGEST}
8 changes: 6 additions & 2 deletions .github/workflows/build-image-signed-ghat-malicious.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,17 +25,21 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Build and push image
id: push-step
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
push: true
tags: ghcr.io/${{ github.repository }}:latest
tags: ghcr.io/${{ env.IMAGE_NAME }}:latest
context: .

- name: Attest image
uses: github-early-access/generate-build-provenance@main
with:
subject-name: ghcr.io/${{ github.repository }}
subject-name: ghcr.io/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.push-step.outputs.digest }}
push-to-registry: true
8 changes: 6 additions & 2 deletions .github/workflows/build-image-signed-ghat-static-copied.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,18 +21,22 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Build and push image
id: push-step
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
push: true
tags: ghcr.io/${{ github.repository }}:static
tags: ghcr.io/${{ env.IMAGE_NAME }}:static
context: .
file : Dockerfile.static

- name: Attest image
uses: github-early-access/generate-build-provenance@main
with:
subject-name: ghcr.io/${{ github.repository }}
subject-name: ghcr.io/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.push-step.outputs.digest }}
push-to-registry: true
8 changes: 6 additions & 2 deletions .github/workflows/build-image-signed-ghat-static.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,18 +21,22 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Build and push image
id: push-step
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
push: true
tags: ghcr.io/${{ github.repository }}:static
tags: ghcr.io/${{ env.IMAGE_NAME }}:static
context: .
file : Dockerfile.static

- name: Attest image
uses: github-early-access/generate-build-provenance@main
with:
subject-name: ghcr.io/${{ github.repository }}
subject-name: ghcr.io/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.push-step.outputs.digest }}
push-to-registry: true
8 changes: 6 additions & 2 deletions .github/workflows/build-image-signed-ghat.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,17 +21,21 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Build and push image
id: push-step
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
push: true
tags: ghcr.io/${{ github.repository }}:latest
tags: ghcr.io/${{ env.IMAGE_NAME }}:latest
context: .

- name: Attest image
uses: github-early-access/generate-build-provenance@main
with:
subject-name: ghcr.io/${{ github.repository }}
subject-name: ghcr.io/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.push-step.outputs.digest }}
push-to-registry: true
16 changes: 6 additions & 10 deletions .github/workflows/build-image-unsigned.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ on:

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
build:
Expand Down Expand Up @@ -34,6 +33,10 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- id: lower-repo
run: |
echo "IMAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
Expand All @@ -46,14 +49,7 @@ jobs:
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/${{ github.repository }}:latest,ghcr.io/${{ github.repository }}:daily
tags: ghcr.io/${{ env.IMAGE_NAME }}:latest,ghcr.io/${{ env.IMAGE_NAME }}:daily
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max

# - name: Sign the published Docker image
# env:
# DIGEST: ${{ steps.build-and-push.outputs.digest }}
# run: |
# echo "ghcr.io/${{ github.repository }}:daily" | xargs -I {} cosign sign --yes {}@${DIGEST}
# echo "ghcr.io/${{ github.repository }}:latest" | xargs -I {} cosign sign --yes {}@${DIGEST}
cache-to: type=gha,mode=max
Loading