Skip to content

Bump version

Bump version #9

Workflow file for this run

name: Release
on:
push:
tags: ["v*"]
workflow_dispatch:
inputs:
tag:
description: "image tag prefix"
default: "rc"
required: true
permissions:
contents: write # needed to write releases
id-token: write # needed for keyless signing
packages: write # needed for ghcr access
env:
GHCR_CONTAINER_IMAGE: ghcr.io/nex-health/passenger-exporter
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Prepare
id: prep
run: |
VERSION="${{ github.event.inputs.tag }}-${GITHUB_SHA::8}"
if [[ $GITHUB_REF == refs/tags/* ]]; then
VERSION=${GITHUB_REF/refs\/tags\//}
fi
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: nexerbot
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build
run: make build
- name: Generate images meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.GHCR_CONTAINER_IMAGE }}
tags: |
type=raw,value=${{ steps.prep.outputs.VERSION }}
type=raw,value=latest
- name: Build and tag image
id: build
uses: docker/build-push-action@v5
with:
push: true
sbom: true
provenance: true
builder: ${{ steps.buildx.outputs.name }}
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- uses: sigstore/cosign-installer@v3
- name: Sign images
env:
COSIGN_EXPERIMENTAL: 1
run: |
cosign sign --yes ${{ env.GHCR_CONTAINER_IMAGE }}@${{ steps.build.outputs.digest }}