diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index e068911..00ea0cc 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,30 +1,48 @@ name: Build Docker Image And Deploy. on: - push: + push: branches: - main jobs: - build-and-deploy: + push_to_registry: + name: Push Docker image to Docker Hub runs-on: ubuntu-latest + permissions: + packages: write + contents: read + attestations: write + id-token: write steps: - - name: Checkout code + - name: Check out the repo uses: actions/checkout@v4 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 + + - name: Log in to Docker Hub + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + with: + images: teaclientmc/docs + - name: Build and push Docker image - uses: docker/build-push-action@v5 + id: push + uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 + with: + context: . + file: ./Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 with: - context: . - push: true - tags: ghcr.io/teaclientmc/docs \ No newline at end of file + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file