diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 00000000..b82d34c4 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,71 @@ +name: Publish Image to GHCR + +on: + release: + types: [published] + workflow_dispatch: + inputs: + tag: + description: "Name of the tag for the published image" + type: string + required: true +env: + IMAGE_NAME: trestle-bot + IMAGE_REGISTRY: ghcr.io/redhatproductsecurity + +jobs: + publish-image: + runs-on: 'ubuntu-latest' + permissions: + contents: read + packages: write + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Log in to ghcr.io + uses: redhat-actions/podman-login@v1 + with: + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ${{ env.IMAGE_REGISTRY }} + + - name: Check if triggered by release or workflow dispatch + id: check_event + run: echo ::set-output name=event_type::${{ toJson(github.event_name) }} + + # Using intermediary variable to process event based input + - name: Set TAG environment variable for Release + if: steps.check_event.outputs.event_type == 'release' + run: echo "TAG=${RELEASE_VERSION}" >> $GITHUB_ENV + env: + RELEASE_VERSION: ${{ github.event.release.tag_name }} + + - name: Set TAG environment variable for Workflow Dispatch + if: steps.check_event.outputs.event_type == 'workflow_dispatch' + run: echo "TAG=${INPUT_VERSION}" >> $GITHUB_ENV + env: + INPUT_VERSION: ${{ github.event.inputs.tag }} + + - name: Build image with Buildah + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ env.IMAGE_NAME }} + tags: ${{ env.TAG }} + containerfiles: | + ./Dockerfile + + - name: Push To GHCR + uses: redhat-actions/push-to-registry@v2 + id: push + with: + image: ${{ steps.build_image.outputs.image }} + tags: ${{ steps.build_image.outputs.tags }} + registry: ${{ env.IMAGE_REGISTRY }} + + - name: Echo outputs + run: | + echo "${{ toJSON(steps.push.outputs) }}" + + \ No newline at end of file