Skip to content

tidy up

tidy up #4

Workflow file for this run

name: docker
on:
push:
tags:
- "v*"
env:
REGISTRY: ghcr.io
IMAGE_NAME: telkomindonesia/db-backup-docker
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to the Container registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- id: docker_meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
- id: docker_build
name: Build and push Docker image
uses: docker/build-push-action@v3
with:
platforms: linux/amd64
push: true
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
- name: Install Cosign
uses: sigstore/cosign-installer@main
- name: Sign image with a key
run: |
cosign sign --key env://COSIGN_PRIVATE_KEY ${IMAGE_NAME,,}@${IMAGE_DIGEST} --yes
env:
IMAGE_NAME: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
IMAGE_DIGEST: ${{ steps.docker_build.outputs.digest }}
COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}