Skip to content

Commit e1f7930

Browse files
committed
Add GHCR publish job to CI workflow
Publishes Docker image to ghcr.io on every push to main, after all existing checks (lint, import-check, security, docker) pass. Tags with latest and sha-<commit>.
1 parent f4aefa2 commit e1f7930

1 file changed

Lines changed: 26 additions & 0 deletions

File tree

.github/workflows/ci.yml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ on:
88

99
permissions:
1010
contents: read
11+
packages: write
1112

1213
jobs:
1314
lint:
@@ -54,3 +55,28 @@ jobs:
5455
user=$(docker run --rm postalcode2nuts whoami)
5556
echo "Container user: $user"
5657
[ "$user" = "appuser" ] || exit 1
58+
59+
publish:
60+
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
61+
needs: [lint, import-check, security, docker]
62+
runs-on: ubuntu-latest
63+
steps:
64+
- uses: actions/checkout@v4
65+
- uses: docker/login-action@v3
66+
with:
67+
registry: ghcr.io
68+
username: ${{ github.actor }}
69+
password: ${{ secrets.GITHUB_TOKEN }}
70+
- uses: docker/metadata-action@v5
71+
id: meta
72+
with:
73+
images: ghcr.io/${{ github.repository }}
74+
tags: |
75+
type=raw,value=latest
76+
type=sha
77+
- uses: docker/build-push-action@v6
78+
with:
79+
context: .
80+
push: true
81+
tags: ${{ steps.meta.outputs.tags }}
82+
labels: ${{ steps.meta.outputs.labels }}

0 commit comments

Comments
 (0)