Skip to content

Merge pull request #4454 from jwcesign/forbid-mcs-update #20

Merge pull request #4454 from jwcesign/forbid-mcs-update

Merge pull request #4454 from jwcesign/forbid-mcs-update #20

name: latest image to DockerHub
on:
push:
branches:
- master
jobs:
publish-image-to-dockerhub:
name: publish to DockerHub
permissions:
id-token: write # To be able to get OIDC ID token to sign images.
# prevent job running from forked repository, otherwise
# 1. running on the forked repository would fail as missing necessary secret.
# 2. running on the forked repository would use unnecessary GitHub Action time.
if: ${{ github.repository == 'karmada-io/karmada' && github.ref == 'refs/heads/master' }}
strategy:
matrix:
target:
- karmada-controller-manager
- karmada-scheduler
- karmada-descheduler
- karmada-webhook
- karmada-agent
- karmada-scheduler-estimator
- karmada-interpreter-webhook-example
- karmada-aggregated-apiserver
- karmada-search
- karmada-operator
- karmada-metrics-adapter
runs-on: ubuntu-22.04
steps:
- name: checkout code
uses: actions/checkout@v3
with:
# fetch-depth:
# 0 indicates all history for all branches and tags.
# for `git describe --tags` in Makefile.
fetch-depth: 0
- name: install Go
uses: actions/setup-go@v3
with:
go-version: 1.20.11
- name: Install Cosign
uses: sigstore/[email protected]
with:
cosign-release: 'v1.13.1'
- name: install QEMU
uses: docker/setup-qemu-action@v2
- name: install Buildx
uses: docker/setup-buildx-action@v2
- name: login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USER_NAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build and publish images
env:
REGISTRY: karmada
VERSION: latest
COSIGN_EXPERIMENTAL: 1
SIGN_IMAGE: 1
run: make mp-image-${{ matrix.target }}