diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml index 8077969..58876c0 100644 --- a/.github/workflows/image.yml +++ b/.github/workflows/image.yml @@ -2,9 +2,6 @@ name: "Build Images" on: push: - branches: - - main - - develop release: types: - published @@ -39,7 +36,7 @@ jobs: uses: actions/checkout@v2 - name: Install cosign - uses: sigstore/cosign-installer@v2.8.1 + uses: sigstore/cosign-installer@v3.5.0 # Set up QEMU to be able to build to multiple architectures - name: Set up QEMU @@ -67,7 +64,11 @@ jobs: type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} - name: Prepare build + id: prepare run: | + export BUILD_DATE=$(date -Iseconds) + export FLAVOUR=${{ matrix.flavour.name }} + cat build/Dockerfile.prefix > Dockerfile cat "flavour/${{ matrix.flavour.name }}/Dockerfile.flavour" >> Dockerfile @@ -75,10 +76,15 @@ jobs: curl -sSL https://raw.githubusercontent.com/tests-always-included/mo/master/mo -o mo chmod +x mo - cat build/Dockerfile.suffix.mo | BUILD_DATE=$(date -Iseconds) FLAVOUR=${{ matrix.flavour.name }} ./mo > build/Dockerfile.suffix - + cat build/Dockerfile.suffix.mo | ./mo > build/Dockerfile.suffix cat build/Dockerfile.suffix >> Dockerfile + { + echo 'labels<> "$GITHUB_OUTPUT" + rm mo env: FLAVOUR: "${{ matrix.flavour.name }}" 
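Review bot: Dropping the `branches:` filter under `on.push` makes every push to any branch or tag run this workflow, and the later steps in this diff publish with `push: true` and then run `cosign sign`. Work-in-progress branches would therefore produce pushed images signed with the workflow's identity; in the visible metadata config only the `latest` tag is gated on `refs/heads/main`. If the wider trigger is meant for build testing only, gate publishing, e.g. `push: ${{ github.event_name == 'release' || github.ref == 'refs/heads/main' }}` with a matching `if:` on the signing step. Which tags the metadata step emits for other branches is outside the visible hunks.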
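Review bot: The added `export FLAVOUR=${{ matrix.flavour.name }}` pastes the expression result into the script text, unquoted, before the shell parses it. The `env:` block visible at the end of the next hunk appears to belong to this step and already sets `FLAVOUR` from the same expression, so `./mo` inherits it and the export line can be dropped. For the date, `BUILD_DATE=$(date -Iseconds); export BUILD_DATE` keeps a failing `date` from being masked by `export`. The `run:` block continues past this hunk.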
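Review bot: The context line `curl -sSL https://raw.githubusercontent.com/tests-always-included/mo/master/mo -o mo` downloads an executable from a mutable branch with no integrity check, and this job goes on to push and sign the image, so whatever that URL serves at build time runs with the job's registry credentials and signing identity. Pin the URL to a commit and verify the file before `chmod +x`: `curl -fsSL https://raw.githubusercontent.com/tests-always-included/mo/<commit-sha>/mo -o mo` followed by `echo "<expected-sha256>  mo" | sha256sum -c -` (both values are placeholders to fill in). The added block between `echo 'labels<` and `"$GITHUB_OUTPUT"` is not legible on this page, so the multiline-output delimiter could not be reviewed.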
@@ -89,17 +95,17 @@ jobs: - name: Build and push Docker image id: build-and-push - uses: docker/build-push-action@v4.0.0 + uses: docker/build-push-action@v5.3.0 with: context: . push: true pull: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + annotations: | + ${{ steps.prepare.outputs.labels }} no-cache: true platforms: ${{ matrix.flavour.platforms }} - name: Sign the published Docker image - env: - COSIGN_EXPERIMENTAL: "true" - run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign --yes {}@${{ steps.build-and-push.outputs.digest }} diff --git a/build/labels.txt.mo b/build/labels.txt.mo new file mode 100644 index 0000000..3a75d41 --- /dev/null +++ b/build/labels.txt.mo 
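Review bot: The new signing line still splices `${{ steps.meta.outputs.tags }}` and the digest into the shell text; with the branch filter removed in the first hunk, tag values derived from arbitrary ref names may reach that line (how the metadata step sanitises them is outside the diff). Passing them through the environment keeps them as data: add `env:` with `TAGS: ${{ steps.meta.outputs.tags }}` and `DIGEST: ${{ steps.build-and-push.outputs.digest }}`, then `run: echo "$TAGS" | xargs -I {} cosign sign --yes "{}@$DIGEST"`. Separately, `docker/build-push-action@v5.3.0` and `sigstore/cosign-installer@v3.5.0` are referenced by tag; in a job that signs release artifacts, pinning each to a full commit SHA with the version as a trailing comment is the safer form.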
@@ -0,0 +1,16 @@
+index:io.artifacthub.package.readme-url=https://raw.githubusercontent.com/dodevops/cloudcontrol/develop/README.md
+index:org.opencontainers.image.created={{BUILD_DATE}}
+index:org.opencontainers.image.description="The cloud engineer's toolbox - {{FLAVOUR}} flavour"
+index:org.opencontainers.image.documentation=https://github.com/dodevops/cloudcontrol
+index:org.opencontainers.image.source=https://github.com/dodevops/cloudcontrol
+index:org.opencontainers.image.title="cloudcontrol-{{FLAVOUR}}"
+index:org.opencontainers.image.url=https://github.com/dodevops/cloudcontrol
+index:org.opencontainers.image.vendor="DO! DevOps"
+manifest:io.artifacthub.package.readme-url=https://raw.githubusercontent.com/dodevops/cloudcontrol/develop/README.md
+manifest:org.opencontainers.image.created={{BUILD_DATE}}
+manifest:org.opencontainers.image.description="The cloud engineer's toolbox - {{FLAVOUR}} flavour"
+manifest:org.opencontainers.image.documentation=https://github.com/dodevops/cloudcontrol
+manifest:org.opencontainers.image.source=https://github.com/dodevops/cloudcontrol
+manifest:org.opencontainers.image.title="cloudcontrol-{{FLAVOUR}}"
+manifest:org.opencontainers.image.url=https://github.com/dodevops/cloudcontrol
+manifest:org.opencontainers.image.vendor="DO! DevOps"
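Review bot: The double quotes around the `description`, `title` and `vendor` values are likely to end up inside the published annotation values, because this file appears to be rendered by `mo` and handed on as plain `key=value` lines with no shell in between to strip them. It is worth confirming on a pushed image with `docker buildx imagetools inspect --raw` and writing the values unquoted if so, e.g. `index:org.opencontainers.image.vendor=DO! DevOps`. The `index:` and `manifest:` groups are identical apart from the prefix, so generating both from one list would keep them from drifting apart.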