# This workflow uses actions that are not certified by GitHub. # They are provided by a third-party and are governed by # separate terms of service, privacy policy, and support # documentation. # GitHub recommends pinning actions to a commit SHA. # To get a newer version, you will need to update the SHA. # You can also reference a tag or branch, but the action may change without warning. name: Publish Docker image on: push: tags: - 'v*' workflow_dispatch: jobs: test: name: Go Test runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Set up Go uses: actions/setup-go@v5 with: go-version-file: go.mod - name: Install libvips run: | sudo apt-get update sudo apt-get install -y libvips-dev - name: Verify libvips install run: vips --version - name: Build run: go build -v ./... - name: Test uses: robherley/go-test-action@v0 push_to_registry: name: Push Docker image to Docker Hub needs: test runs-on: ubuntu-latest permissions: packages: write contents: read attestations: write id-token: write steps: - name: Check out the repo uses: actions/checkout@v4 - name: Log in to Docker Hub uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 with: images: gabehf/koito - name: Extract tag version id: extract_version run: echo "KOITO_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV - name: Build and push Docker image id: push uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 with: context: . file: ./Dockerfile push: true tags: | gabehf/koito:latest gabehf/koito:${{ env.KOITO_VERSION }} build-args: | KOITO_VERSION=${{ env.KOITO_VERSION }} - name: Generate artifact attestation uses: actions/attest-build-provenance@v2 with: subject-name: index.docker.io/gabehf/koito subject-digest: ${{ steps.push.outputs.digest }} push-to-registry: true