tinyclaw/.github/workflows/container.yml at main · warengonzaga/tinyclaw · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
name: Container Build

on:
  pull_request:
    branches: [main, dev]
  push:
    branches: [main, dev]
  workflow_call:
  workflow_dispatch:
  release:
    types: [published]

permissions:
  contents: read
  packages: write
  security-events: write
  pull-requests: write

jobs:
  build:
    if: github.event_name != 'pull_request' || github.event.pull_request.user.login != 'dependabot[bot]'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Build and Push Container
        uses: wgtechlabs/container-build-flow-action@v1.3.1 # v1.3.1
        with:
          registry: both
          dockerhub-username: ${{ secrets.DOCKER_HUB_USERNAME }}
          dockerhub-token: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
          ghcr-token: ${{ secrets.GITHUB_TOKEN }}
          platforms: linux/amd64,linux/arm64
          trivy-severity: CRITICAL
          fail-on-vulnerability: true