Skip to content

Commit a7935fb

Browse files
jmcombsjmcombs
committed
Final changes (hopefully)
1 parent 92b3358 commit a7935fb

File tree

1 file changed

+15
-26
lines changed

1 file changed

+15
-26
lines changed

.github/workflows/build-and-publish.yml

Lines changed: 15 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -8,13 +8,18 @@ on:
88
branches:
99
- main
1010

11+
env:
12+
REGISTRY: ghcr.io
13+
IMAGE_NAME: ${{ github.repository }}
14+
1115
jobs:
1216
build-and-publish:
1317
runs-on: ubuntu-latest
14-
# Job-specific permissions that override workflow-level permissions
1518
permissions:
16-
contents: read # Required to check out the repository
17-
packages: write # Required to push packages to GHCR
19+
contents: read
20+
packages: write
21+
attestations: write
22+
id-token: write
1823

1924
steps:
2025
- name: Checkout repository
@@ -29,19 +34,19 @@ jobs:
2934
- name: Login to GitHub Container Registry
3035
uses: docker/login-action@v3
3136
with:
32-
registry: ghcr.io
33-
username: ${{ github.repository_owner }}
37+
registry: ${{ env.REGISTRY }}
38+
username: ${{ github.actor }}
3439
password: ${{ secrets.GITHUB_TOKEN }}
3540

3641
- name: Extract metadata
3742
id: meta
3843
uses: docker/metadata-action@v5
3944
with:
40-
images: ghcr.io/${{ github.repository }}
45+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
4146
tags: |
4247
type=raw,value=latest
4348
labels: |
44-
org.opencontainers.image.authors=${{ github.repository_owner }}
49+
org.opencontainers.image.authors=${{ github.actor }}
4550
4651
- name: Process metadata
4752
run: |
@@ -54,27 +59,11 @@ jobs:
5459
- name: Install Devcontainer CLI
5560
run: npm install -g @devcontainers/cli
5661

57-
- name: Debug GITHUB_TOKEN permissions
58-
run: |
59-
echo "Checking GITHUB_TOKEN authentication..."
60-
curl -s -w "\nHTTP_STATUS: %{http_code}\n" \
61-
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
62-
-H "Accept: application/vnd.github+json" \
63-
"https://api.github.com/user" > user_info.json
64-
cat user_info.json
65-
66-
echo "Testing repository packages..."
67-
curl -s -w "\nHTTP_STATUS: %{http_code}\n" \
68-
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
69-
-H "Accept: application/vnd.github+json" \
70-
"https://api.github.com/repos/${{ github.repository }}/packages?package_type=container" > repo_packages.json
71-
cat repo_packages.json
72-
7362
- name: Build and publish base-ubuntu container
7463
run: |
7564
cd src/base-ubuntu
7665
devcontainer build --workspace-folder . \
77-
--image-name ghcr.io/${{ github.repository }}:base-ubuntu \
66+
--image-name ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:base-ubuntu \
7867
--platform linux/arm64,linux/amd64 \
7968
--output type=registry \
8069
${{ env.LABEL_ARGS }}
@@ -83,7 +72,7 @@ jobs:
8372
run: |
8473
cd src/node
8574
devcontainer build --workspace-folder . \
86-
--image-name ghcr.io/${{ github.repository }}:node \
75+
--image-name ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:node \
8776
--platform linux/arm64,linux/amd64 \
8877
--output type=registry \
8978
${{ env.LABEL_ARGS }}
@@ -92,7 +81,7 @@ jobs:
9281
run: |
9382
cd src/python
9483
devcontainer build --workspace-folder . \
95-
--image-name ghcr.io/${{ github.repository }}:python \
84+
--image-name ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:python \
9685
--platform linux/arm64,linux/amd64 \
9786
--output type=registry \
9887
${{ env.LABEL_ARGS }}

0 commit comments

Comments
 (0)