Skip to content

chore(deps): bump sigstore/cosign-installer from 3.1.2 to 3.2.0 #13

chore(deps): bump sigstore/cosign-installer from 3.1.2 to 3.2.0

chore(deps): bump sigstore/cosign-installer from 3.1.2 to 3.2.0 #13

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Publish Special Containers
on:
workflow_dispatch:
push:
branches:
- next
- main
pull_request:
paths:
- 'cloud/container/**'
- '.github/workflows/publish-special-container.yml'
env:
REGISTRY: ghcr.io
jobs:
build:
if: github.repository_owner == 'AliMD'
name: Build & Publish Containers
runs-on: ubuntu-latest
strategy:
fail-fast: true
max-parallel: 1
matrix:
include:
- image: traefik
path: cloud/container/traefik
description: Clone of Traefik.
version:
short: 1
full: 1.7-alpine
- image: alpine
path: cloud/container/alpine
description: A minimal Docker image based on Alpine Linux with a complete package index and only 5 MB in size!
version:
short: 3
full: 3.17
- image: nginx
path: cloud/container/nginx
description: High performance Accelerated NGINX optimized for serve static content like CDN.
version:
short: 1
full: 1.9.2-1.25-alpine
- image: nginx-pwa
path: cloud/container/nginx-pwa
description: High performance Accelerated NGINX optimized for serve progressive web applications.
version:
short: 1
full: 1.9.2-1.25-alpine
- image: nginx-ws
path: cloud/container/nginx-ws
description: High performance Accelerated NGINX optimized for serve static website.
version:
short: 1
full: 1.9.2-1.25-alpine
- image: nginx-storage
path: cloud/container/nginx-storage
description: High performance Accelerated NGINX optimized for serve alwatr storage server json.
version:
short: 1
full: 1.9.2-1.25-alpine
- image: adminer
path: cloud/container/adminer
description: Clone of Adminer.
version:
short: 4
full: 4
- image: mariadb
path: cloud/container/mariadb
description: Clone of Mariadb.
version:
short: 10
full: 10.9
- image: nocodb
path: cloud/container/nocodb
description: Clone of Nocodb.
version:
short: 0.109
full: 0.109.2
- image: php
path: cloud/container/php/7.4-apache
description: Clone of PHP Apache.
version:
short: 7-apache
full: 7.4-apache
- image: php
path: cloud/container/php/7.4-fpm
description: Clone of PHP FPM.
version:
short: 7-fpm
full: 7.4-fpm
- image: php
path: cloud/container/php/8.2-fpm
description: Clone of PHP FPM.
version:
short: 8-fpm
full: 8.2-fpm
- image: wordpress
path: cloud/container/wordpress/php7.4
description: Clone of Wordpress.
version:
short: 6-php7
full: 6.1-php7.4-fpm # latest version support php 7.4 is 6.1
- image: wordpress
path: cloud/container/wordpress/php8.2
description: Clone of Wordpress.
version:
short: 6
full: 6.2-php8.2-fpm
# - image: tdlib
# path: cloud/container/tdlib
# description: Cross-platform library for building Telegram clients.
# version:
# short: 1
# full: 1.8
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: ⤵️ Checkout repository
uses: actions/[email protected]
- name: 🏗 Extract Docker metadata
id: meta
uses: docker/[email protected]
with:
github-token: ${{secrets.GITHUB_TOKEN}}
images: |
name=${{env.REGISTRY}}/alwatr/${{matrix.image}},enable=false
name=${{env.REGISTRY}}/${{github.repository_owner}}/${{matrix.image}},enable=true
labels: |
[email protected]
org.opencontainers.image.title=@Alwatr/${{matrix.image}}
org.opencontainers.image.description=${{matrix.description}}
tags: |
type=ref,event=branch
type=ref,event=pr
type=raw,value=${{matrix.version.short}}
type=raw,value=${{matrix.version.full}}
# type=semver,pattern={{version}},prefix=alwatr-
# type=semver,pattern={{major}}.{{minor}},prefix=alwatr-
- name: 🏗 Install cosign
if: ${{ github.event_name != 'pull_request' }}
uses: sigstore/[email protected]
- name: 🏗 Setup Docker Buildx
uses: docker/[email protected]
- name: 🏗 Log into registry ${{env.REGISTRY}}
if: ${{ github.event_name != 'pull_request' }}
uses: docker/[email protected]
with:
registry: ${{env.REGISTRY}}
username: ${{github.repository_owner}}
password: ${{secrets.GITHUB_TOKEN}}
- name: 🚀 Build and push container image
id: build-and-push
uses: docker/[email protected]
with:
context: ${{matrix.path}}
push: ${{github.event_name != 'pull_request'}}
tags: ${{steps.meta.outputs.tags}}
labels: ${{steps.meta.outputs.labels}}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: 🏗 Sign the published container image
if: ${{github.event_name != 'pull_request'}}
env:
COSIGN_EXPERIMENTAL: 'true'
run: echo "${{steps.meta.outputs.tags}}" | xargs -I {} cosign sign --yes {}@${{steps.build-and-push.outputs.digest}}