From b5842c7c7f21f6e15cbcfd391cbea01635d9ea18 Mon Sep 17 00:00:00 2001
From: YuitoAkatsuki
Date: Wed, 31 Jul 2024 20:42:39 +0900
Subject: [PATCH] test
---
 .github/workflows/docker-push.yaml | 59 +++++++++++++++---------------
 1 file changed, 29 insertions(+), 30 deletions(-)
diff --git a/.github/workflows/docker-push.yaml b/.github/workflows/docker-push.yaml
index c5f8eae..c739302 100644
--- a/.github/workflows/docker-push.yaml
+++ b/.github/workflows/docker-push.yaml
@@ -5,38 +5,37 @@ on: - main jobs: - build-and-push: + push_to_registries: + name: Push Docker image to multiple registries runs-on: ubuntu-latest + permissions: + packages: write + contents: read + attestations: write + id-token: write steps: - - name: Checkout repository - uses: actions/checkout@v2 + - name: Check out the repo + uses: actions/checkout@v4 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + with: + images: | + ${{ secrets.K8S_DOCKER_REGISTHOST }}/${{ github.repository }} - - name: enable - run: | - SW_JSON="" - SW_JSON="$(sudo cat /etc/docker/daemon.json | jq '.+{ "insecure-registries":["${{ secrets.K8S_DOCKER_REGISTHOST }}"],"max-concurrent-uploads": 1,"debug":true }')" - echo "${SW_JSON}" | sudo bash -c 'cat -- > /etc/docker/daemon.json' - sudo cat /etc/docker/daemon.json - sudo systemctl restart docker || sudo journalctl -xeu docker.service - echo --- - docker info - echo --- - docker image ls - echo --- - sudo systemctl status docker - shell: bash - - name: Check Docker status - run: | - export DOCKER_CLIENT_TIMEOUT=18000 - export COMPOSE_HTTP_TIMEOUT=240 - sudo systemctl status docker.service - sudo journalctl -xeu docker.service + - name: Build and push Docker images + id: push + uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} - - name: Build Docker image - run: docker build -t ${{ secrets.K8S_DOCKER_REGISTHOST }}/mediawiki:latest . 
- - - name: Push Docker image - run: docker push ${{ secrets.K8S_DOCKER_REGISTHOST }}/mediawiki:latest \ No newline at end of file + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ secrets.K8S_DOCKER_REGISTHOST }}/mediawiki + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file
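Review bot: The attestation step's `subject-name` is `${{ secrets.K8S_DOCKER_REGISTHOST }}/mediawiki`, but the metadata step names the pushed image `${{ secrets.K8S_DOCKER_REGISTHOST }}/${{ github.repository }}`, so the provenance and the `push-to-registry: true` upload refer to a different repository than the one that received the digest. Use `subject-name: ${{ secrets.K8S_DOCKER_REGISTHOST }}/${{ github.repository }}`, or set `images:` back to the `/mediawiki` name if that is what deployments pull. The job grants `id-token: write` and `attestations: write`, yet `actions/checkout@v4` and `actions/attest-build-provenance@v1` are mutable tags; pin them to full commit SHAs as the two docker actions already are, e.g. `uses: actions/attest-build-provenance@<full-commit-sha> # v1`. The removed `insecure-registries` setup suggests the registry is not served over trusted TLS, and no login step is visible in the hunk, so it is worth confirming how the push and the attestation upload authenticate and whether the transport is verified.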