From daa7380ca55f504396b0dd68b89441e41fbdca35 Mon Sep 17 00:00:00 2001
From: Robert Waffen <rw@betadots.de>
Date: Fri, 19 Jun 2026 17:30:30 +0200
Subject: [PATCH] ci: update sync.yml for templating

Signed-off-by: Robert Waffen <rw@betadots.de>
---
 .sync.yml | 39 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 37 insertions(+), 2 deletions(-)

diff --git a/.sync.yml b/.sync.yml
index 523b7f0..e3282cf 100644
--- a/.sync.yml
+++ b/.sync.yml
@@ -1,11 +1,46 @@
 ---
-.github/workflows/ci.yml:
+:global:
   matrix_command: bash matrix.sh build
   matrix_requires_yq: true
-  build_job_name: 'Build ${{ matrix.platform }} CI container'
   build_runner: '${{ matrix.runner }}'
   image_tag: 'ci/openvoxagent:${{ matrix.agent_semver }}-${{ matrix.platform }}'
   build_platforms: 'linux/${{ matrix.platform }}'
   build_args:
     - 'OPENVOX_RELEASE=${{ matrix.release }}'
     - 'OPENVOXAGENT_VERSION=${{ matrix.agent_version }}'
+.github/workflows/ci.yml:
+  build_job_name: 'Build ${{ matrix.platform }} CI container'
+.github/workflows/security_scanning.yml:
+  scan_job_name: 'Scan ${{ matrix.platform }} container'
+  sarif_category: 'grype-${{ matrix.platform }}'
+.github/workflows/build_container.yml:
+  publish_tag_patterns:
+    - 'v*'
+  publish_build_job_name: 'Build OpenVox agent ${{ matrix.agent_semver }} (${{ matrix.platform }})'
+  publish_build_arch: 'linux/${{ matrix.platform }}'
+  publish_tags:
+    - 'ghcr.io/openvoxproject/openvoxagent:${{ matrix.release }}-${{ github.sha }}-${{ matrix.platform }}'
+  publish_manifest_matrix_command: bash matrix.sh tag
+  publish_manifest_steps:
+    - name: Create ref-specific multi-architecture manifests
+      commands:
+        - >-
+          docker buildx imagetools create
+          -t ghcr.io/openvoxproject/openvoxagent:${{ matrix.agent_semver }}-${{ github.ref_name }}
+          -t ghcr.io/openvoxproject/openvoxagent:${{ matrix.agent_semver }}
+          -t ghcr.io/openvoxproject/openvoxagent:${{ matrix.release }}
+          -t docker.io/voxpupuli/openvoxagent:${{ matrix.agent_semver }}-${{ github.ref_name }}
+          -t docker.io/voxpupuli/openvoxagent:${{ matrix.agent_semver }}
+          -t docker.io/voxpupuli/openvoxagent:${{ matrix.release }}
+          ghcr.io/openvoxproject/openvoxagent:${{ matrix.release }}-${{ github.sha }}-arm64
+          ghcr.io/openvoxproject/openvoxagent:${{ matrix.release }}-${{ github.sha }}-amd64
+    - name: Update floating multi-architecture tags
+      if: "github.ref == 'refs/heads/main'"
+      commands:
+        - >-
+          docker buildx imagetools create
+          -t ghcr.io/openvoxproject/openvoxagent:latest
+          -t docker.io/voxpupuli/openvoxagent:latest
+          ghcr.io/openvoxproject/openvoxagent:${{ matrix.release }}-${{ github.sha }}-arm64
+          ghcr.io/openvoxproject/openvoxagent:${{ matrix.release }}-${{ github.sha }}-amd64
+  dockerhub_repository: voxpupuli/openvoxagent