Revert permission #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Publish Docker Images | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - v*.*.* | |
| paths: | |
| - 'src/**' | |
| - '.github/workflows/**' | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| docker: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| image: | |
| - kali | |
| - linux-srv-00 | |
| - linux-srv-01 | |
| - linux-srv-02 | |
| - linux-srv-03 | |
| - linux-srv-04 | |
| - linux-srv-05 | |
| - linux-srv-06 | |
| - linux-srv-07 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/compasssecurity/${{ matrix.image }} | |
| tags: | | |
| # latest on main branch | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| # semantic versioning from git tags | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| # stable only on version tags | |
| type=raw,value=stable,enable=${{ startsWith(github.ref, 'refs/tags/v') }} | |
| # git sha | |
| type=sha | |
| - name: Build and push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./src/${{ matrix.image }} | |
| push: true | |
| no-cache: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} |