Skip to content

chore(deps): Bump actions/attest-sbom from 2.0.1 to 2.1.0 in /.github/actions/build-docker-image #1026

chore(deps): Bump actions/attest-sbom from 2.0.1 to 2.1.0 in /.github/actions/build-docker-image

chore(deps): Bump actions/attest-sbom from 2.0.1 to 2.1.0 in /.github/actions/build-docker-image #1026

Workflow file for this run

name: Build WordPress
on:
push:
branches:
- master
paths:
- "wordpress/**"
- ".github/workflows/wordpress.yml"
- ".github/actions/build-docker-image/**"
pull_request:
paths:
- "wordpress/**"
- ".github/workflows/wordpress.yml"
- ".github/actions/build-docker-image/**"
workflow_dispatch:
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
prepare:
name: Prepare build matrix
runs-on: ubuntu-latest
steps:
- name: Check out source code
uses: actions/checkout@v4
- name: Read versions.json
id: set-matrix
run: |
jq -c '.' versions.json
echo "matrix=$(jq -c '.' versions.json)" >> $GITHUB_OUTPUT
working-directory: wordpress
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
build:
name: "Build Docker image (ref: ${{ matrix.wp.ref }}, tag: ${{ matrix.wp.tag }})"
runs-on: ubuntu-latest
needs: prepare
permissions:
contents: read
packages: write
pull-requests: write
security-events: write
id-token: write
attestations: write
strategy:
fail-fast: false
matrix:
wp: ${{ fromJson(needs.prepare.outputs.matrix) }}
steps:
- name: Check out source code
uses: actions/checkout@v4
- name: Set additional tags
id: extra-tags
run: |
if [ "${{ matrix.wp.locked }}" = "true" ]; then
echo "tags=ghcr.io/automattic/vip-container-images/wordpress:${{ matrix.wp.tag }}-locked" >> $GITHUB_OUTPUT
else
echo "tags=" >> $GITHUB_OUTPUT
fi
- name: Build and push image
uses: ./.github/actions/build-docker-image
with:
context: wordpress
push: ${{ github.base_ref == null }}
args: WP_GIT_REF=${{ matrix.wp.ref }}
cache-from: type=gha,scope=wordpress-${{ matrix.wp.ref }}
cache-to: type=gha,mode=max,scope=wordpress-${{ matrix.wp.ref }}
no-cache: ${{ matrix.wp.cacheable == false || github.event_name == 'workflow_dispatch' }}
primaryTag: ghcr.io/automattic/vip-container-images/wordpress:${{ matrix.wp.tag }}
tags: ${{ steps.extra-tags.outputs.tags }}
scan: false