This repository has been archived by the owner on Jun 10, 2024. It is now read-only.

Merge pull request #3 from ossf/dependabot/go_modules/golang.org/x/ne… #8

	name: Publish Image

	on:
	push:
	branches:
	- dependency-analysis
	tags:
	- 'v*'

	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository }}

	jobs:
	build:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write

	steps:
	- name: Checkout repository
	uses: actions/checkout@v3

	- name: Log in to the Container registry
	uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract metadata (tags, labels) for Docker
	id: meta
	uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

	- name: Build and push Docker image
	uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
	with:
	context: .
	push: true
	file: Dockerfile
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

	provenance:
	needs: [build]
	permissions:
	actions: read # for detecting the Github Actions environment.
	id-token: write # for creating OIDC tokens for signing.
	packages: write # for uploading attestations.
	if: startsWith(github.ref, 'refs/tags/')
	uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
	with:
	image: ${{ needs.build.outputs.image }}
	digest: ${{ needs.build.outputs.digest }}
	registry-username: ${{ github.actor }}
	secrets:
	registry-password: ${{ secrets.GITHUB_TOKEN }}

Provide feedback