From d53f3a34f43675d3fb823f53c3b220965b7160f8 Mon Sep 17 00:00:00 2001
From: Ryn Cao <cao7113@gmail.com>
Date: Mon, 8 Jul 2024 19:43:31 +0800
Subject: [PATCH] fix: try push image to github packages

---
 .github/workflows/cd.yml | 35 ++++++++++++++++++++++++-----------
 1 file changed, 24 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 09665ad..7c0fbda 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -7,6 +7,10 @@ on:
 permissions:
   contents: write
 
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
 jobs:
   fly-deploy:
     name: Deploy fly app
@@ -31,13 +35,13 @@ jobs:
           # https://github.com/cao7113/hello-api-elixir/settings/secrets/actions
           FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
 
-  push-dockerhub:
-    name: Push Docker image to Docker Hub
+  push-images:
+    name: Push Docker image to Docker Hub and Github Packages
     runs-on: ubuntu-latest
     permissions:
       packages: write
       contents: read
-      # attestations: write
+      attestations: write
       id-token: write
     steps:
       - name: Check out the repo
@@ -50,12 +54,21 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       # https://github.com/docker/metadata-action
       - name: Extract metadata (tags, labels) for Docker
         id: meta
         uses: docker/metadata-action@v5
         with:
-          images: cao7113/hello-api-elixir
+          images: |
+            cao7113/hello-api-elixir
+            ghcr.io/${{ github.repository }}
 
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
@@ -68,13 +81,13 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
 
-      ## enable below??? https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-docker-hub
-      # - name: Generate artifact attestation
-      #   uses: actions/attest-build-provenance@v1
-      #   with:
-      #     subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
-      #     subject-digest: ${{ steps.push.outputs.digest }}
-      #     push-to-registry: true
+      # https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-docker-hub
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
+          subject-digest: ${{ steps.push.outputs.digest }}
+          push-to-registry: true
 
   release-tar:
     # strategy: