diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7675ceb..5f6c773 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,8 +6,9 @@ on: - main - dev - release/* - # paths: - # - dockerfile + paths: + - dockerfile + - files jobs: release: @@ -16,11 +17,11 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USER }} - password: ${{ secrets.DOCKERHUB_KEY }} + # - name: Login to Docker Hub + # uses: docker/login-action@v3 + # with: + # username: ${{ secrets.DOCKERHUB_USER }} + # password: ${{ secrets.DOCKERHUB_KEY }} - name: Login to GitHub Container Registry uses: docker/login-action@v3 @@ -29,8 +30,10 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: VULNERABILITY?? - run: echo ${{ secrets.DOCKERHUB_USER }} + # GitHub keeps secrets hidden from the console, printing '***' instead + ## TODO: Could they still be accessed using http requests? + # - name: VULNERABILITY?? + # run: echo ${{ secrets.DOCKERHUB_USER }} # This script saves an environment variable TAG to GITHUB_OUTPUT - name: Determine release tag from branch name @@ -41,8 +44,8 @@ jobs: env: TAG: ${{ steps.release-tag.outputs.TAG }} run: | - docker build . -t jackdeaniels/private:verdaccio-$TAG - docker tag jackdeaniels/private:verdaccio-$TAG ghcr.io/deanayalon/verdaccio:$TAG + docker build . -t ghcr.io/deanayalon/verdaccio:$TAG + # docker tag ghcr.io/deanayalon/verdaccio:$TAG jackdeaniels/private:verdaccio-$TAG - name: List images run: docker image ls @@ -51,5 +54,5 @@ jobs: env: TAG: ${{ steps.release-tag.outputs.tag }} run: | - docker push jackdeaniels/private:verdaccio-$TAG - docker push ghcr.io/deanayalon/verdaccio:$TAG \ No newline at end of file + docker push ghcr.io/deanayalon/verdaccio:$TAG + # docker push jackdeaniels/private:verdaccio-$TAG \ No newline at end of file