1+ name : Publish Docker image
2+
3+ on :
4+ release :
5+ types : [published]
6+
7+ jobs :
8+ push_to_registries :
9+ name : Push Docker image to multiple registries
10+ runs-on : ubuntu-latest
11+ permissions :
12+ packages : write
13+ contents : read
14+ attestations : write
15+ id-token : write
16+ steps :
17+ - name : Check out the repo
18+ uses : actions/checkout@v4
19+
20+ - name : Log in to Docker Hub
21+ uses : docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
22+ with :
23+ username : ${{ secrets.DOCKER_USERNAME }}
24+ password : ${{ secrets.DOCKER_PASSWORD }}
25+
26+ - name : Log in to the Container registry
27+ uses : docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
28+ with :
29+ registry : ghcr.io
30+ username : ${{ github.actor }}
31+ password : ${{ secrets.GITHUB_TOKEN }}
32+
33+ - name : Extract metadata (tags, labels) for Docker
34+ id : meta
35+ uses : docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
36+ with :
37+ images : |
38+ my-docker-hub-namespace/my-docker-hub-repository
39+ ghcr.io/${{ github.repository }}
40+
41+ name : Build and push Docker images
42+ id : push
43+ uses : docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
44+ with :
45+ context : .
46+ push : true
47+ tags : ${{ steps.meta.outputs.tags }}
48+ labels : ${{ steps.meta.outputs.labels }}
49+
50+ - name : Generate artifact attestation
51+ uses : actions/attest-build-provenance@v2
52+ with :
53+ subject-name : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
54+ subject-digest : ${{ steps.push.outputs.digest }}
55+ push-to-registry : true
56+ cleanup_registries :
57+ - needs : push_to_registries
58+ name : ghcr.io cleanup action
59+ runs-on : ubuntu-latest
60+ steps :
61+ - uses : dataaxiom/ghcr-cleanup-action@v1
62+ with :
63+ token : ${{ secrets.GITHUB_TOKEN }}
64+ owner : slingexe
65+ repository : hackmud-chat-client
66+ package : hackmud-chat-client
67+ delete-untagged : true
68+ dry-run : true
0 commit comments