remove buildah

.github/workflows/build-release.yml

@@ -6,81 +6,7 @@ on:
     types: [published] # build on release
 
 jobs:
-  build-ubi:
-    runs-on: ubuntu-latest # use the GitHub hosted runners
-    permissions:
-      contents: write # for uploading the SBOM to the release
-      packages: write # for uploading the finished container
-      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
-      id-token: write # to complete the identity challenge with sigstore/fulcio when running outside of PRs
-    strategy:
-      matrix:
-        os: [ubi8, ubi9]
-        arch: [amd64, arm64]
-    continue-on-error: true
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set version
-        run: echo "VERSION=$(cat ${GITHUB_EVENT_PATH} | jq -r '.release.tag_name')" >> $GITHUB_ENV
-        if: github.event_name == 'release'
-
-      - name: Set short SHA
-        run: echo "SHA_SHORT=${GITHUB_SHA::7}" >> $GITHUB_ENV
-
-      - name: Build the image
-        id: build-image
-        uses: redhat-actions/buildah-build@v2
-        with:
-          image: ghcr.io/${{ github.repository }}/${{ matrix.os }}
-          archs: ${{ matrix.arch }}
-          tags: latest ${{ env.VERSION }} ${{ env.VERSION }}-${{ env.SHA_SHORT }}
-          containerfiles: images/ubi8.Dockerfile
-
-      - name: Push image
-        uses: redhat-actions/push-to-registry@v2
-        with:
-          image: ${{ steps.build-image.outputs.image }}
-          tags: ${{ steps.build-image.outputs.tags }}
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-          digestfile: digest.txt
-
-      - name: Run Anchore scan
-        uses: anchore/scan-action@v3
-        id: scan
-        with:
-          image: "ghcr.io/${{ github.repository }}/${{ matrix.os }}:${{ env.VERSION }}"
-          fail-build: false
-
-      - name: Upload Anchore scan report
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: ${{ steps.scan.outputs.sarif }}
-
-      - name: Generate SBOM for the UBI runners
-        uses: anchore/sbom-action@v0
-        with:
-          image: ghcr.io/${{ github.repository }}/${{ matrix.os }}:${{ env.VERSION }}-${{ env.SHA_SHORT }}
-
-      - name: Get image digest
-        run: echo "IMAGE_DIGEST=$(cat digest.txt)" >> $GITHUB_ENV
-
-      - name: Install cosign
-        uses: sigstore/cosign-installer@main
-
-      - name: Log in to GHCR
-        run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
-
-      - name: Sign the published Docker image
-        env:
-          COSIGN_EXPERIMENTAL: "true"
-        run: cosign sign -y ghcr.io/${{ github.repository }}/${{ matrix.os }}@${{ env.IMAGE_DIGEST }}
-
-  build-ubuntu:
+  build-all:
     runs-on: ubuntu-latest # use the GitHub-hosted runner to build the image
     permissions:
       contents: write # for uploading the SBOM to the release
@@ -89,7 +15,7 @@ jobs:
       id-token: write # to complete the identity challenge with sigstore/fulcio when running outside of PRs
     strategy:
       matrix:
-        os: [rootless-ubuntu-jammy]
+        os: [rootless-ubuntu-jammy, ubi8, ubi9]
         arch: [amd64, arm64]
     continue-on-error: true
 
@@ -126,7 +52,6 @@ jobs:
           tags: |
             ghcr.io/${{ github.repository }}/${{ matrix.os }}:latest
             ghcr.io/${{ github.repository }}/${{ matrix.os }}:${{ env.SHA_SHORT }}
-            ghcr.io/${{ github.repository }}/${{ matrix.os }}:${{ env.VERSION }}-${{ env.SHA_SHORT }}
 
       - name: Scan it
         uses: anchore/scan-action@v3
@@ -165,5 +90,4 @@ jobs:
       - name: Push the signed image, other tags
         run: |
           docker push ghcr.io/${{ github.repository }}/${{ matrix.os }}:${{ env.SHA_SHORT }}
-          docker push ghcr.io/${{ github.repository }}/${{ matrix.os }}:${{ env.VERSION }}-${{ env.SHA_SHORT }}
           docker push ghcr.io/${{ github.repository }}/${{ matrix.os }}:latest