From 9bb487ed707878afc5724d98ad84fc21b1693e0f Mon Sep 17 00:00:00 2001
From: sthope
Date: Tue, 18 Mar 2025 19:40:19 +0100
Subject: [PATCH] first commit
---
.gitea/workflows/build.yml | 86 ++++++++++++++++++++++++++++++++------
1 file changed, 73 insertions(+), 13 deletions(-)
diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml
index 10e933a..6217121 100755
--- a/.gitea/workflows/build.yml
+++ b/.gitea/workflows/build.yml
@@ -1,20 +1,80 @@ -name: OGX-Mini +name: Docker + on: - push: schedule: - - cron: "0 6 * * SUN" + - cron: '0 6 * * 0' + push: + branches: [ "main" ] + tags: [ 'v*.*.*' ] + pull_request: + branches: [ "main" ] + +env: + # Use docker.io for Docker Hub if empty + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + jobs: - ogx_mini: - name: OGX-Mini - runs-on: ubuntu-latest + build: - strategy: - matrix: - target: [PI_PICO, PI_PICOW] - project_name: [OGX-Mini] + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + id-token: write steps: - - uses: actions/checkout@v4 - - name: Docker Build - run: docker build -t github_gitea_checker -f Dockerfile . \ No newline at end of file + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@v3.8.1 + with: + cosign-release: 'v2.2.4' + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.GH_USER }} + password: ${{ secrets.GH_TOKEN }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable={{is_default_branch}} + labels: | + org.opencontainers.image.source=${{ github.repository }} + org.opencontainers.image.revision=${{ github.sha }} + org.opencontainers.image.created=${{ steps.meta.outputs.created }} + org.opencontainers.image.authors=${{ steps.meta.outputs.authors }} + org.opencontainers.image.title=${{ github.repository }} + org.opencontainers.image.description=${{ github.repository }} + org.opencontainers.image.url=${{ github.event.repository.html_url }} + + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@v5 + with: + context: . 
+ push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + TAGS: ${{ steps.meta.outputs.tags }} + DIGEST: ${{ steps.build-and-push.outputs.digest }} + run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} \ No newline at end of file
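Review bot: Every `uses:` in the new `build` job references a mutable tag (`actions/checkout@v4`, `sigstore/cosign-installer@v3.8.1`, `docker/login-action@v3`, `docker/metadata-action@v5`, `docker/build-push-action@v5`) while the job holds `packages: write`, `id-token: write` and the `GH_TOKEN` registry credential, so an upstream retag would run with push and signing rights; pin each to a full commit SHA, e.g. `uses: docker/login-action@<FULL_COMMIT_SHA_PLACEHOLDER> # v3`. The metadata step's `tags:` input only emits `latest` on the default branch, so a `v*.*.*` tag push appears to reach the build with `push: true` and an empty tag list, and the signing step's `xargs` then has nothing to sign; adding `type=semver,pattern={{version}}` would give tag builds a reference that gets signed. The `created` and `authors` labels read `steps.meta.outputs.*` from inside the `meta` step itself, which most likely expands to empty strings, and `org.opencontainers.image.source` is conventionally the repository URL (`${{ github.event.repository.html_url }}`, already used for `image.url`) rather than `owner/name`. Because the file lives under `.gitea/workflows`, confirm that the runner actually issues an OIDC token for `id-token: write`; if it does not, the keyless `cosign sign --yes` will fail on every non-PR run and images will be published unsigned or the job will break.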