
build(deps): Bump docker/build-push-action from 5.3.0 to 5.4.0 (#3) #19


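# Builds the image in configs/Ubuntu and publishes it to three registries
# (Docker Hub, GHCR, Quay). Each job pushes the image, signs it with a
# key-based cosign signature, and publishes a build-provenance attestation
# bound to the pushed digest.
#
# NOTE(review): every `uses:` below references a tag (v4, v3, v5.4.0, ...).
# Tags are mutable; pinning each action to a full commit SHA, with the
# version kept in a trailing comment, removes that trust in the upstream tag.
#
# NOTE(review): the image namespace is built from github.actor, i.e. whoever
# triggered the run (the pusher, or the person using workflow_dispatch). The
# target repository therefore changes with the triggering account. A fixed
# value such as github.repository_owner or a repository variable is more
# predictable; confirm the intended namespace before changing it.
name: Build and Publish Ubuntu Image

on:
  push:
    branches: ["main"]
    paths:
      - configs/Ubuntu/Dockerfile
      - .github/workflows/build-ubuntu-image.yml
  workflow_dispatch:

env:
  REGISTRY1: ghcr.io
  REGISTRY2: docker.io
  REGISTRY3: quay.io
  IMAGE_NAME: kasm-dev-ubuntu

jobs:
  ubuntu-image-docker:
    runs-on: ubuntu-latest
    permissions:
      # OIDC token requested by the attestation step.
      id-token: write
      # Read-only checkout of the repository.
      contents: read
      # Lets the attestation step store the provenance attestation.
      attestations: write
    steps:
      - uses: actions/checkout@v4
      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY2 }}
          username: ${{ github.actor }}
          password: ${{ secrets.DOCKER_TOKEN }}
      - name: Build and push image
        id: push-docker
        uses: docker/build-push-action@v5.4.0
        with:
          context: configs/Ubuntu
          push: true
          tags: ${{ env.REGISTRY2 }}/${{ github.actor }}/${{ env.IMAGE_NAME }}:latest
      - uses: sigstore/cosign-installer@v3.5.0
      - name: Sign container image
        # Sign the digest reported by the push step rather than the mutable
        # :latest tag, so the signature covers exactly the image built here
        # even if the tag is moved between push and sign. Values reach the
        # shell through env instead of being expanded into the script text.
        # NOTE(review): no COSIGN_PASSWORD is supplied; presumably the key
        # was generated with an empty passphrase. Confirm.
        run: |
          cosign sign -y --key env://COSIGN_PRIVATE_KEY "${IMAGE}@${DIGEST}"
        env:
          COSIGN_EXPERIMENTAL: "false"
          COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
          IMAGE: ${{ env.REGISTRY2 }}/${{ github.actor }}/${{ env.IMAGE_NAME }}
          DIGEST: ${{ steps.push-docker.outputs.digest }}
      - name: Attest pushed image
        uses: actions/attest-build-provenance@v1
        id: attest
        with:
          subject-name: index.docker.io/${{ github.actor }}/${{ env.IMAGE_NAME }}
          subject-digest: ${{ steps.push-docker.outputs.digest }}
          push-to-registry: true

  ubuntu-image-ghcr:
    runs-on: ubuntu-latest
    permissions:
      # OIDC token requested by the attestation step.
      id-token: write
      # Read-only checkout of the repository.
      contents: read
      # GITHUB_TOKEN is the GHCR push credential in this job.
      packages: write
      # Lets the attestation step store the provenance attestation.
      attestations: write
    steps:
      - uses: actions/checkout@v4
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY1 }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push image
        id: push-ghcr
        uses: docker/build-push-action@v5.4.0
        with:
          context: configs/Ubuntu
          push: true
          tags: ${{ env.REGISTRY1 }}/${{ github.actor }}/${{ env.IMAGE_NAME }}:latest
      - uses: sigstore/cosign-installer@v3.5.0
      - name: Sign container image
        # Sign by digest, not by the mutable :latest tag; pass values via env
        # so nothing is expanded into the script text.
        run: |
          cosign sign -y --key env://COSIGN_PRIVATE_KEY "${IMAGE}@${DIGEST}"
        env:
          COSIGN_EXPERIMENTAL: "false"
          COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
          IMAGE: ${{ env.REGISTRY1 }}/${{ github.actor }}/${{ env.IMAGE_NAME }}
          DIGEST: ${{ steps.push-ghcr.outputs.digest }}
      - name: Attest pushed image
        uses: actions/attest-build-provenance@v1
        id: attest
        with:
          subject-name: ${{ env.REGISTRY1 }}/${{ github.actor }}/${{ env.IMAGE_NAME }}
          subject-digest: ${{ steps.push-ghcr.outputs.digest }}
          push-to-registry: true

  ubuntu-image-quay:
    runs-on: ubuntu-latest
    permissions:
      # OIDC token requested by the attestation step.
      id-token: write
      # Read-only checkout of the repository.
      contents: read
      # Lets the attestation step store the provenance attestation.
      attestations: write
    steps:
      - uses: actions/checkout@v4
      - name: Login to QUAY
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY3 }}
          # NOTE(review): the login account comes from a secret while the
          # image namespace below comes from github.actor; confirm the two
          # always name the same Quay namespace.
          username: ${{ secrets.QUAY_USER }}
          password: ${{ secrets.QUAY_TOKEN }}
      - name: Build and push image
        id: push-quay
        uses: docker/build-push-action@v5.4.0
        with:
          context: configs/Ubuntu
          push: true
          tags: ${{ env.REGISTRY3 }}/${{ github.actor }}/${{ env.IMAGE_NAME }}:latest
      - uses: sigstore/cosign-installer@v3.5.0
      - name: Sign container image
        # Sign by digest, not by the mutable :latest tag; pass values via env
        # so nothing is expanded into the script text.
        run: |
          cosign sign -y --key env://COSIGN_PRIVATE_KEY "${IMAGE}@${DIGEST}"
        env:
          COSIGN_EXPERIMENTAL: "false"
          COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
          IMAGE: ${{ env.REGISTRY3 }}/${{ github.actor }}/${{ env.IMAGE_NAME }}
          DIGEST: ${{ steps.push-quay.outputs.digest }}
      - name: Attest pushed image
        uses: actions/attest-build-provenance@v1
        id: attest
        with:
          subject-name: ${{ env.REGISTRY3 }}/${{ github.actor }}/${{ env.IMAGE_NAME }}
          subject-digest: ${{ steps.push-quay.outputs.digest }}
          push-to-registry: true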