.github/workflows/rel.yaml at oauth · quilling.dev/bluepds

quilling.dev / bluepds

Alternative ATProto PDS implementation

bluepds / .github / workflows / rel.yaml

at oauth 1.4 kB view raw

 1name: Release
 2
 3on:
 4  push:
 5    branches:
 6    - main
 7
 8env:
 9  REGISTRY: ghcr.io
10  IMAGE_NAME: ${{ github.repository }}
11  CARGO_TERM_COLOR: always
12
13jobs:
14  build-and-push:
15    runs-on: ubuntu-latest
16
17    permissions:
18      contents: read
19      packages: write
20      attestations: write
21      id-token: write
22    
23    steps:
24    - uses: actions/checkout@v4
25
26    - name: Log into the container registry
27      uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
28      with:
29        registry: ${{ env.REGISTRY }}
30        username: ${{ github.actor }}
31        password: ${{ secrets.GITHUB_TOKEN }}
32
33    - name: Extract metadata (tags, labels) for Docker
34      id: meta
35      uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
36      with:
37        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
38
39    - name: Build and push Docker image
40      id: push
41      uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
42      with:
43        context: .
44        push: true
45        tags: ${{ steps.meta.outputs.tags }}
46        labels: ${{ steps.meta.outputs.labels }}
47
48    - name: Generate artifact attestation
49      uses: actions/attest-build-provenance@v2
50      with:
51        subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
52        subject-digest: ${{ steps.push.outputs.digest }}
53        push-to-registry: true