From 190dde6e70dfb533b3d0dffa73c6cbb496d425b9 Mon Sep 17 00:00:00 2001
From: Shubham Sharma <83682340+shubms@users.noreply.github.com>
Date: Sun, 8 Dec 2024 01:10:33 +0530
Subject: [PATCH] feat: Added workflow to build and push images to ghcr
---
.github/workflows/build.yml | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 73 insertions(+)
create mode 100644 .github/workflows/build.yml
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..d2d98d5
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,73 @@
+name: Publish and Sign Container Image
+
+env:
+ REGISTRY: ghcr.io
+
+on:
+ push:
+ branches:
+ - main
+ paths:
+ - .github/workflows/build.yml
+ - "**/Containerfile"
+ # schedule:
+ # - cron: "17 07 * * 0"
+
+jobs:
+ build-push-image:
+ runs-on: ubuntu-24.04
+
+ permissions:
+ contents: read
+ packages: write
+ id-token: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - image: spotify-distrobox
+ file: distroboxes/spotify/Containerfile
+ - image: steam-distrobox
+ file: distroboxes/steam/Containerfile
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Cache podman
+ uses: actions/cache@v3
+ with:
+ path: ~/.local/share/containers
+ key: podman
+
+ - name: Buildah image
+ uses: redhat-actions/buildah-build@v2
+ id: build
+ with:
+ image: ${{ matrix.image }}
+ tags: latest ${{ github.sha }}
+ containerfiles: |
+ ${{ matrix.file }}
+ context: .
+ # oci: true
+ layers: true
+
+ - name: Push To GHCR
+ uses: redhat-actions/push-to-registry@v2
+ id: push
+ with:
+ image: ${{ steps.build.outputs.image }}
+ tags: ${{ steps.build.outputs.tags }}
+ registry: ${{ env.REGISTRY }}/${{ github.repository_owner }}
+ username: ${{ github.repository_owner }}
+ password: ${{ github.token }}
+ # extra-args: |
+ # --sign-by-sigstore=.github/sigstore.yaml
+
+ - name: Cleanup old images
+ uses: actions/delete-package-versions@v5
+ with:
+ package-name: ${{ matrix.image }}
+ package-type: container
+ min-versions-to-keep: 60
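Review bot: The job requests `id-token: write`, but the only visible consumer of an OIDC token, the `--sign-by-sigstore` argument in the "Push To GHCR" step, is commented out. The workflow named "Publish and Sign Container Image" therefore pushes unsigned images while holding a permission it does not use. Until signing is enabled, drop `id-token: write` from `permissions`, and consider renaming the workflow so consumers do not assume a signature exists. Separately, the steps that run with `packages: write` reference their actions by mutable tags (`redhat-actions/buildah-build@v2`, `redhat-actions/push-to-registry@v2`, `actions/delete-package-versions@v5`). Pinning each to a full commit SHA, e.g. `uses: redhat-actions/push-to-registry@<full-commit-sha> # v2`, keeps a retagged release from running with the registry token.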