mirror of
https://github.com/docker/build-push-action.git
synced 2026-06-12 15:45:29 +08:00
Compare commits
2 Commits
dependabot
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
d2aace88c2 | ||
|
|
ffca5157f0 |
12
.github/workflows/.e2e-run.yml
vendored
12
.github/workflows/.e2e-run.yml
vendored
@@ -10,6 +10,9 @@ on:
|
|||||||
type:
|
type:
|
||||||
required: true
|
required: true
|
||||||
type: string
|
type: string
|
||||||
|
provider:
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
name:
|
name:
|
||||||
required: true
|
required: true
|
||||||
type: string
|
type: string
|
||||||
@@ -108,9 +111,16 @@ jobs:
|
|||||||
driver-opts: |
|
driver-opts: |
|
||||||
image=${{ matrix.buildkit_image }}
|
image=${{ matrix.buildkit_image }}
|
||||||
network=host
|
network=host
|
||||||
|
-
|
||||||
|
name: Configure AWS credentials
|
||||||
|
if: inputs.provider == 'aws'
|
||||||
|
uses: aws-actions/configure-aws-credentials@e7f100cf4c008499ea8adda475de1042d6975c7b # v6.2.0
|
||||||
|
with:
|
||||||
|
role-to-assume: arn:aws:iam::175142243308:role/official_gha_cicd
|
||||||
|
aws-region: us-east-1
|
||||||
-
|
-
|
||||||
name: Login to Registry
|
name: Login to Registry
|
||||||
if: github.event_name != 'pull_request' && (inputs.type == 'remote' || env.REGISTRY_USER != '')
|
if: github.event_name != 'pull_request' && (inputs.type == 'remote' || inputs.provider == 'aws' || env.REGISTRY_USER != '')
|
||||||
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
|
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
|
||||||
with:
|
with:
|
||||||
registry: ${{ env.REGISTRY_FQDN || inputs.registry }}
|
registry: ${{ env.REGISTRY_FQDN || inputs.registry }}
|
||||||
|
|||||||
53
.github/workflows/e2e.yml
vendored
53
.github/workflows/e2e.yml
vendored
@@ -22,6 +22,7 @@ jobs:
|
|||||||
uses: ./.github/workflows/.e2e-run.yml
|
uses: ./.github/workflows/.e2e-run.yml
|
||||||
permissions:
|
permissions:
|
||||||
contents: read
|
contents: read
|
||||||
|
id-token: write # to get AWS credentials
|
||||||
packages: write # to push image to GHCR
|
packages: write # to push image to GHCR
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
fail-fast: false
|
||||||
@@ -30,100 +31,100 @@ jobs:
|
|||||||
-
|
-
|
||||||
name: Distribution
|
name: Distribution
|
||||||
id: distribution
|
id: distribution
|
||||||
auth: none
|
provider: none
|
||||||
type: local
|
type: local
|
||||||
-
|
-
|
||||||
name: Docker Hub
|
name: Docker Hub
|
||||||
registry: ''
|
registry: ''
|
||||||
slug: dockereng/build-push-action-test
|
slug: dockereng/build-push-action-test
|
||||||
auth: dockerhub
|
provider: dockerhub
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: GitHub
|
name: GitHub
|
||||||
registry: ghcr.io
|
registry: ghcr.io
|
||||||
slug: ghcr.io/docker/build-push-action-test
|
slug: ghcr.io/docker/build-push-action-test
|
||||||
auth: ghcr
|
provider: ghcr
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: GitLab
|
name: GitLab
|
||||||
registry: registry.gitlab.com
|
registry: registry.gitlab.com
|
||||||
slug: registry.gitlab.com/test1716/test
|
slug: registry.gitlab.com/test1716/test
|
||||||
auth: gitlab
|
provider: gitlab
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: AWS ECR
|
name: AWS ECR
|
||||||
registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com
|
registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com
|
||||||
slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action
|
slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action
|
||||||
auth: aws
|
provider: aws
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: AWS ECR Public
|
name: AWS ECR Public
|
||||||
registry: public.ecr.aws
|
registry: public.ecr.aws
|
||||||
slug: public.ecr.aws/q3b5f1u4/test-docker-action
|
slug: public.ecr.aws/q3b5f1u4/test-docker-action
|
||||||
auth: aws
|
provider: aws
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: Google Artifact Registry
|
name: Google Artifact Registry
|
||||||
registry: us-east4-docker.pkg.dev
|
registry: us-east4-docker.pkg.dev
|
||||||
slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action
|
slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action
|
||||||
auth: gar
|
provider: gar
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: Azure Container Registry
|
name: Azure Container Registry
|
||||||
registry: officialgithubactions.azurecr.io
|
registry: officialgithubactions.azurecr.io
|
||||||
slug: officialgithubactions.azurecr.io/test-docker-action
|
slug: officialgithubactions.azurecr.io/test-docker-action
|
||||||
auth: acr
|
provider: acr
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: Quay
|
name: Quay
|
||||||
registry: quay.io
|
registry: quay.io
|
||||||
slug: quay.io/docker_build_team/ghactiontest
|
slug: quay.io/docker_build_team/ghactiontest
|
||||||
auth: quay
|
provider: quay
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: Artifactory
|
name: Artifactory
|
||||||
registry: infradock.jfrog.io
|
registry: infradock.jfrog.io
|
||||||
slug: infradock.jfrog.io/test-ghaction/build-push-action
|
slug: infradock.jfrog.io/test-ghaction/build-push-action
|
||||||
auth: artifactory
|
provider: artifactory
|
||||||
type: remote
|
type: remote
|
||||||
-
|
-
|
||||||
name: Harbor
|
name: Harbor
|
||||||
id: harbor
|
id: harbor
|
||||||
auth: none
|
provider: none
|
||||||
type: local
|
type: local
|
||||||
-
|
-
|
||||||
name: Nexus
|
name: Nexus
|
||||||
id: nexus
|
id: nexus
|
||||||
auth: none
|
provider: none
|
||||||
type: local
|
type: local
|
||||||
with:
|
with:
|
||||||
id: ${{ matrix.id }}
|
id: ${{ matrix.id }}
|
||||||
type: ${{ matrix.type }}
|
type: ${{ matrix.type }}
|
||||||
|
provider: ${{ matrix.provider }}
|
||||||
name: ${{ matrix.name }}
|
name: ${{ matrix.name }}
|
||||||
registry: ${{ matrix.registry }}
|
registry: ${{ matrix.registry }}
|
||||||
slug: ${{ matrix.slug }}
|
slug: ${{ matrix.slug }}
|
||||||
secrets:
|
secrets:
|
||||||
# Pass only the registry-specific secrets needed by each matrix entry.
|
# Pass only the registry-specific secrets needed by each matrix entry.
|
||||||
# GHCR uses the called workflow's GITHUB_TOKEN fallback.
|
# GHCR uses the called workflow's GITHUB_TOKEN fallback.
|
||||||
|
# AWS ECR uses OIDC to get credentials.
|
||||||
registry_username: >-
|
registry_username: >-
|
||||||
${{
|
${{
|
||||||
matrix.auth == 'dockerhub' && vars.DOCKERPUBLICBOT_USERNAME ||
|
matrix.provider == 'dockerhub' && vars.DOCKERPUBLICBOT_USERNAME ||
|
||||||
matrix.auth == 'gitlab' && secrets.GITLAB_USERNAME ||
|
matrix.provider == 'gitlab' && secrets.GITLAB_USERNAME ||
|
||||||
matrix.auth == 'aws' && secrets.AWS_ACCESS_KEY_ID ||
|
matrix.provider == 'gar' && secrets.GAR_USERNAME ||
|
||||||
matrix.auth == 'gar' && secrets.GAR_USERNAME ||
|
matrix.provider == 'acr' && secrets.AZURE_CLIENT_ID ||
|
||||||
matrix.auth == 'acr' && secrets.AZURE_CLIENT_ID ||
|
matrix.provider == 'quay' && secrets.QUAY_USERNAME ||
|
||||||
matrix.auth == 'quay' && secrets.QUAY_USERNAME ||
|
matrix.provider == 'artifactory' && secrets.ARTIFACTORY_USERNAME ||
|
||||||
matrix.auth == 'artifactory' && secrets.ARTIFACTORY_USERNAME ||
|
|
||||||
''
|
''
|
||||||
}}
|
}}
|
||||||
registry_password: >-
|
registry_password: >-
|
||||||
${{
|
${{
|
||||||
matrix.auth == 'dockerhub' && secrets.DOCKERPUBLICBOT_WRITE_PAT ||
|
matrix.provider == 'dockerhub' && secrets.DOCKERPUBLICBOT_WRITE_PAT ||
|
||||||
matrix.auth == 'gitlab' && secrets.GITLAB_TOKEN ||
|
matrix.provider == 'gitlab' && secrets.GITLAB_TOKEN ||
|
||||||
matrix.auth == 'aws' && secrets.AWS_SECRET_ACCESS_KEY ||
|
matrix.provider == 'gar' && secrets.GAR_JSON_KEY ||
|
||||||
matrix.auth == 'gar' && secrets.GAR_JSON_KEY ||
|
matrix.provider == 'acr' && secrets.AZURE_CLIENT_SECRET ||
|
||||||
matrix.auth == 'acr' && secrets.AZURE_CLIENT_SECRET ||
|
matrix.provider == 'quay' && secrets.QUAY_TOKEN ||
|
||||||
matrix.auth == 'quay' && secrets.QUAY_TOKEN ||
|
matrix.provider == 'artifactory' && secrets.ARTIFACTORY_TOKEN ||
|
||||||
matrix.auth == 'artifactory' && secrets.ARTIFACTORY_TOKEN ||
|
|
||||||
''
|
''
|
||||||
}}
|
}}
|
||||||
|
|||||||
2
.github/workflows/pr-assign-author.yml
vendored
2
.github/workflows/pr-assign-author.yml
vendored
@@ -11,7 +11,7 @@ on:
|
|||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
run:
|
run:
|
||||||
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@716fd1c51a46c5d93a41d44a94b439c9ee802536 # v1.10.0
|
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
|
||||||
permissions:
|
permissions:
|
||||||
contents: read
|
contents: read
|
||||||
pull-requests: write
|
pull-requests: write
|
||||||
|
|||||||
2
.github/workflows/zizmor.yml
vendored
2
.github/workflows/zizmor.yml
vendored
@@ -19,7 +19,7 @@ on:
|
|||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
zizmor:
|
zizmor:
|
||||||
uses: crazy-max/.github/.github/workflows/zizmor.yml@716fd1c51a46c5d93a41d44a94b439c9ee802536 # v1.10.0
|
uses: crazy-max/.github/.github/workflows/zizmor.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
|
||||||
permissions:
|
permissions:
|
||||||
contents: read
|
contents: read
|
||||||
security-events: write
|
security-events: write
|
||||||
|
|||||||
Reference in New Issue
Block a user