Skip to content

docker container will be build on every run, but pushed only on tags #14

docker container will be build on every run, but pushed only on tags

docker container will be build on every run, but pushed only on tags #14

Workflow file for this run

name: push
on: push
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: "1.20"
- run: go test -v -cover $(go list ./... | grep -v /vendor)
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: "1.20"
- run: CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-X main.SHA=${{ github.sha }}" -o bin/vaultcreds cmd/*.go
- uses: actions/upload-artifact@v3
with:
name: bin
path: bin/
docker-build-push:
permissions:
contents: read
packages: write
env:
REGISTRY: "${{ github.repository == 'uswitch/vault-creds' && 'quay.io' || 'ghcr.io' }}"
IMAGE_NAME: "${{ github.repository == 'uswitch/vault-creds' && 'uswitch/vault-creds' || github.repository }}"
needs: [test, build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Docker buildx
uses: docker/setup-buildx-action@v3
- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ env.REGISTRY == 'quay.io' && secrets.QUAY_USERNAME || github.actor }}
password: ${{ env.REGISTRY == 'quay.io' && secrets.QUAY_PASSWORD || secrets.GITHUB_TOKEN }}
- id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=semver,pattern=v{{version}}
type=sha,prefix=,format=long,
- uses: docker/build-push-action@v4
with:
context: .
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
push: ${{ github.ref_name == 'master' || startsWith(github.ref, 'refs/tags/v') }}
tags: ${{ steps.meta.outputs.tags }}
build-args: LDFLAGS=-X main.SHA=${{ github.sha }}