Publish as `latest` #73

	name: Publish Docker Image
	on:
	push:
	branches:
	- main
	jobs:
	build:
	runs-on: ubuntu-latest
	env:
	REGISTRY: docker.io
	IMAGE_NAME: knuthuehne/jedeschule-scrapers
	permissions:
	packages: write
	contents: read
	attestations: write
	id-token: write
	steps:
	- uses: actions/checkout@v4
	- name: Log in to Docker Hub
	uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
	with:
	username: ${{ secrets.DOCKER_USERNAME }}
	password: ${{ secrets.DOCKER_PASSWORD }}
	- name: Extract metadata (tags, labels) for Docker
	id: meta
	uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
	with:
	images: ${{ env.IMAGE_NAME}}
	tags: \|
	type=raw,value=latest
	type=sha
	- name: Build and push Docker image
	id: push
	uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
	with:
	context: .
	file: ./Dockerfile
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	- name: Generate artifact attestation
	uses: actions/attest-build-provenance@v2
	with:
	subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
	subject-digest: ${{ steps.push.outputs.digest }}
	push-to-registry: true
	deploy:
	needs: build
	runs-on: ubuntu-latest
	environment: server
	steps:
	- name: Pull latest docker images and restart
	uses: appleboy/ssh-action@v1.0.3
	with:
	host: ${{ secrets.HOST }}
	username: ${{ secrets.USERNAME }}
	key: ${{ secrets.KEY }}
	port: ${{ secrets.PORT }}
	script: \|
	cd /home/jedeschule/
	sudo docker-compose pull scrapers
	sudo docker-compose up --detach --build scrapers
	sudo docker image prune -f

Provide feedback