1- name : Build and publish cfssl docker image
1+ name : cfssl docker
22
33on :
4+ workflow_dispatch :
45 push :
6+ branches :
7+ - " master"
58 tags :
6- - ' v*.*.*'
7-
9+ - " v*"
810jobs :
911 build-and-push-image :
1012 runs-on : ubuntu-latest
1113 permissions :
1214 contents : read
1315 packages : write
16+ strategy :
17+ matrix :
18+ include :
19+ # github container registry
20+ - registry : " ghcr.io"
21+ username : ${{ github.actor }}
22+ password_secret : GITHUB_TOKEN
23+ image : ghcr.io/cloudflare/cfssl
24+ # docker test publish, todo: switch to service account
25+ - registry : " "
26+ username : nicky
27+ password_secret : DOCKER_REGISTRY_TOKEN_NICKY
28+ image : cfssl/cfssl
1429 steps :
1530 - name : Checkout repository
1631 uses : actions/checkout@v3
1732 with :
1833 fetch-depth : 0
1934
20- - name : Get tag
21- id : cfssl
22- run : echo "::set-output name=tag::$(git describe --tags HEAD)"
23-
2435 - name : Set up QEMU
2536 uses : docker/setup-qemu-action@v2
2637
@@ -30,13 +41,19 @@ jobs:
3041 - name : Log in to the Docker hub
3142 uses : docker/login-action@v2
3243 with :
33- username : ${{ secrets.DOCKERHUB_USERNAME }}
34- password : ${{ secrets.DOCKERHUB_TOKEN }}
35-
44+ registry : ${{ matrix.registry }}
45+ username : ${{ matrix.username }}
46+ password : ${{ secrets[matrix.password_secret] }}
47+ - name : Extract metadata (tags, labels) for Docker
48+ id : meta
49+ uses : docker/metadata-action@v4
50+ with :
51+ images : ${{ matrix.image }}
3652 - name : Build and push
3753 uses : docker/build-push-action@v3
3854 with :
3955 context : .
4056 platforms : linux/amd64,linux/arm64,linux/s390x
4157 push : true
42- tags : cfssl:${{ steps.cfssl.outputs.tag }}
58+ tags : ${{ steps.meta.outputs.tags }}
59+ labels : ${{ steps.meta.outputs.labels }}
0 commit comments