Skip to content

chore(release): v0.5.0 #152

chore(release): v0.5.0

chore(release): v0.5.0 #152

Workflow file for this run

name: Build and Push Docker Image
on:
push:
branches: [main]
tags:
- "v*"
paths:
- "src/**"
- "package*.json"
- "tsconfig.json"
- "tsconfig.build.json"
- "Dockerfile"
- "docker-compose.yaml"
- "scripts/docker-handshake.mjs"
- ".github/workflows/docker.yml"
pull_request:
branches: [main]
paths:
- "src/**"
- "package*.json"
- "tsconfig.json"
- "tsconfig.build.json"
- "Dockerfile"
- "docker-compose.yaml"
- "scripts/docker-handshake.mjs"
- ".github/workflows/docker.yml"
workflow_dispatch:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
# Least-privilege default for the whole workflow; the build job widens only to
# packages:write for the GHCR push.
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0
- name: Log in to Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=sha,prefix=
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push Docker image
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max