Bump docker/setup-buildx-action from 2 to 3 (#20) #37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Build and push Docker image to docker hub | |
name: Build | |
on: | |
push: | |
branches: | |
- "main" | |
tags: | |
- "*.*.*" | |
pull_request: | |
branches: | |
- "main" | |
jobs: | |
build-and-push: | |
name: Build docker image | |
runs-on: ubuntu-latest | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
env: | |
IMAGE_NAME: kapitan | |
PLATFORMS: linux/amd64,linux/arm64 | |
WORKLOAD_IDENTITY_POOL: 'projects/724876838553/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-oidc-provider' | |
SERVICE_ACCOUNT: 'github-kapitan-dockerfile@quortex-admin.iam.gserviceaccount.com' | |
steps: | |
# This step uses Github's checkout-action: https://github.com/actions/checkout | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: | | |
eu.gcr.io/quortex-registry-public/${{ env.IMAGE_NAME }} | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
# Login if the event is a push or a tag to be able to push | |
- id: 'auth' | |
name: 'Authenticate to Google Cloud' | |
uses: 'google-github-actions/auth@v1' | |
if: ${{ github.event_name != 'pull_request' }} | |
with: | |
token_format: 'access_token' | |
workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_POOL }} | |
service_account: ${{ env.SERVICE_ACCOUNT }} | |
- name: Login to GCR | |
uses: docker/login-action@v2 | |
if: ${{ github.event_name != 'pull_request' }} | |
with: | |
registry: eu.gcr.io | |
username: oauth2accesstoken | |
password: ${{ steps.auth.outputs.access_token }} | |
# Always build the docker image, and push it on merge or tag | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
platforms: ${{ env.PLATFORMS }} | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} |