From 0accb19be4ab1489c47ab2fcac6860bb128794fa Mon Sep 17 00:00:00 2001 From: Jmnote Date: Sat, 27 Apr 2024 17:00:05 +0900 Subject: [PATCH] signed container v4 (#30) * ci * ci * ci --- .github/workflows/{release.yml => ci.yml} | 16 ++++++++++---- .github/workflows/pull-request.yml | 27 ----------------------- README.md | 2 +- 3 files changed, 13 insertions(+), 32 deletions(-) rename .github/workflows/{release.yml => ci.yml} (86%) diff --git a/.github/workflows/release.yml b/.github/workflows/ci.yml similarity index 86% rename from .github/workflows/release.yml rename to .github/workflows/ci.yml index 4917dc1..db307f4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/ci.yml @@ -1,9 +1,14 @@ -name: release +name: ci on: push: + branches: + - 'main' tags: - 'v*' + pull_request: + branches: + - 'main' jobs: docker: @@ -14,17 +19,20 @@ jobs: id-token: write # needed for signing the images with GitHub OIDC Token steps: - uses: actions/checkout@v4 + - uses: docker/metadata-action@v5 id: docker_meta with: images: ghcr.io/${{ github.repository }} - tags: | - type=ref,event=tag + tags: | + type=ref,event=tag + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - uses: docker/build-push-action@v5 id: build_and_push with: @@ -35,7 +43,7 @@ jobs: - uses: sigstore/cosign-installer@v3 - name: Sign the images with GitHub OIDC Token - if: ${{ github.event_name != 'pull_request' }} + if: github.event_name != 'pull_request' env: DIGEST: ${{ steps.build_and_push.outputs.digest }} TAGS: ${{ steps.docker_meta.outputs.tags }} diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index bedb461..9ee0c25 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -45,30 +45,3 @@ jobs: - uses: shogo82148/actions-goveralls@v1 with: path-to-profile: profile.cov - - docker: - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - id-token: write # needed for signing the images with GitHub OIDC Token - steps: - - uses: actions/checkout@v4 - - uses: docker/metadata-action@v5 - id: docker_meta - with: - images: ghcr.io/${{ github.repository }} - tags: | - type=ref,event=tag - - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - uses: docker/build-push-action@v5 - id: build_and_push - with: - context: . - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.docker_meta.outputs.tags }} - labels: ${{ steps.docker_meta.outputs.labels }} diff --git a/README.md b/README.md index 2e657a2..4c0b7b8 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # myip "What's my IP" application -[![release](https://github.com/kuoss/myip/actions/workflows/release.yml/badge.svg)](hhttps://github.com/kuoss/myip/actions/workflows/release.yml) +[![ci](https://github.com/kuoss/myip/actions/workflows/ci.yml/badge.svg)](https://github.com/kuoss/myip/actions/workflows/ci.yml) [![pull-request](https://github.com/kuoss/myip/actions/workflows/pull-request.yml/badge.svg)](https://github.com/kuoss/myip/actions/workflows/pull-request.yml) [![Coverage Status](https://coveralls.io/repos/github/kuoss/myip/badge.svg?branch=main)](https://coveralls.io/github/kuoss/myip?branch=main) [![GitHub license](https://img.shields.io/github/license/kuoss/myip.svg)](https://github.com/kuoss/myip/blob/main/LICENSE)