Skip to content

Merge pull request #122 from DazWilkin/dependabot/go_modules/google.g… #57

Merge pull request #122 from DazWilkin/dependabot/go_modules/google.g…

Merge pull request #122 from DazWilkin/dependabot/go_modules/google.g… #57

Workflow file for this run

name: build
on:
push:
branches:
- master
jobs:
gcp-exporter:
name: gcp-exporter
runs-on: ubuntu-latest
env:
REPO: dazwilkin/gcp-exporter
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup
uses: docker/setup-buildx-action@v3
- name: Login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR }}
- name: Get kernel version
run: echo "VERSION=$(uname --kernel-release)" >> ${GITHUB_ENV}
- name: docker build && docker push
# id used here in order to provide the output (digest) from this step to cosign sign
# docker/build-push-action outputs are defined here:
# https://github.com/docker/build-push-action#outputs
id: docker-build-push
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
build-args: |
VERSION=${{ env.VERSION }}
COMMIT=${{ github.sha }}
tags: ghcr.io/${{ env.REPO }}:${{ github.sha }}
push: true
- name: Install Cosign
uses: sigstore/cosign-installer@main
- name: Write signing key to disk (only needed for `cosign sign --key`)
run: echo "${{ secrets.SIGNING }}" > ./cosign.key
- name: Sign container image
run: |
cosign sign \
--yes \
--key=./cosign.key \
--annotations="repo=${{ github.repository }}" \
--annotations="workflow=${{ github.workflow }}" \
--annotations="commit=${{ github.sha }}" \
--annotations="version=${{ env.VERSION }}" \
ghcr.io/${{ env.REPO }}@${{ steps.docker-build-push.outputs.digest }}
env:
COSIGN_PASSWORD: ""
- name: revise occurrences of the image
run: |
git config --local user.email "action@github.com"
git config --local user.name "GitHub Actions"
for FILENAME in "./docker-compose.yml" "./kubernetes.yaml" "./README.md"
do
sed \
--in-place \
"s|ghcr.io/${{ env.REPO }}:[0-9a-f]\{40\}|ghcr.io/${{ env.REPO }}:${{ github.sha }}|g" \
${FILENAME}
git add ${FILENAME}
done
git commit --message "GitHub Actions update image references"
git push origin master