Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updating build action to include provenance #182

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Updating build action to include provenance #182

wants to merge 2 commits into from
+34 −23

Conversation

johnsimons
Copy link
Member

@johnsimons johnsimons commented Feb 10, 2025
edited
Loading

This is to fix
image

@johnsimons
Using native action to login to ghcr.io
de883e2 
Replaced multiple tagging commands with a single one
@johnsimons johnsimons self-assigned this Feb 10, 2025
johnsimons
johnsimons commented Feb 10, 2025
View reviewed changes
.github/workflows/push-container-images.yml
Invoke-Expression $cmd
Write-Output "::endgroup::"
}
$tagsCLI = $tags -replace "^", "--tag particular/servicecontrol-masstransit-connector:"
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Replaced multiple commands with a single command

johnsimons
johnsimons commented Feb 10, 2025
View reviewed changes
.github/workflows/push-container-images.yml
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
uses: docker/login-action@v3
with:
registry: ghcr.io
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using the Github action to authenticate to Github registry

johnsimons
johnsimons commented Feb 10, 2025
View reviewed changes
.github/workflows/release.yml
docker buildx imagetools inspect ghcr.io/particular/servicecontrol-masstransit-connector:${{ env.TAG_NAME }}
uses: docker/login-action@v3
with:
registry: ghcr.io
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using the Github action to authenticate to Github registry

johnsimons
johnsimons commented Feb 10, 2025
View reviewed changes
.github/workflows/release.yml
id: date
run: echo "::set-output name=date::$(date +'+%FT%TZ')"
- name: Build and push image to GitHub container registry
uses: docker/build-push-action@v6
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using Github action to push and tag image.
This will use provenance

@johnsimons johnsimons force-pushed the john/native branch 3 times, most recently from 74b4a22 to 0b38e43 Compare February 10, 2025 02:04
@johnsimons
Replace login script with action
6eddac1 
Using build-push-action instead of script
This adds the provenance by default, see https://docs.docker.com/build/ci/github-actions/attestations/#default-provenance
This given the image a better score in dockerhub scout health score
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@PhilBastian PhilBastian Awaiting requested review from PhilBastian

@irinascurtu irinascurtu Awaiting requested review from irinascurtu

@ramonsmits ramonsmits Awaiting requested review from ramonsmits

Assignees

@johnsimons johnsimons

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@johnsimons