CICD

Author: sks

.github/workflows/artifacts.yaml

@@ -1,6 +1,8 @@
 name: Artifacts
 
 on:
+  push:
+    branches: [ main ]
   workflow_call:
     inputs:
       publish:
@@ -92,13 +94,13 @@ jobs:
 
       # Multiple exporters are not supported yet
       # See https://github.com/moby/buildkit/pull/2760
-      - name: Determine build output
-        uses: haya14busa/action-cond@94f77f7a80cd666cb3155084e428254fea4281fd # v1.2.1
-        id: build-output
-        with:
-          cond: ${{ inputs.publish }}
-          if_true: type=image,push=true
-          if_false: type=oci,dest=image.tar
+      # - name: Determine build output
+      #   uses: haya14busa/action-cond@94f77f7a80cd666cb3155084e428254fea4281fd # v1.2.1
+      #   id: build-output
+      #   with:
+      #     cond: ${{ inputs.publish }}
+      #     if_true: type=image,push=true
+      #     if_false: type=oci,dest=image.tar
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
@@ -108,12 +110,12 @@ jobs:
           password: ${{ github.token }}
         if: inputs.publish
 
-      - name: Login to Docker Hub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-        if: inputs.publish
+      # - name: Login to Docker Hub
+      #   uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+      #   with:
+      #     username: ${{ secrets.DOCKER_USERNAME }}
+      #     password: ${{ secrets.DOCKER_PASSWORD }}
+      #   if: inputs.publish
 
       - name: Build and push image
         id: build
@@ -130,7 +132,7 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
           # cache-from: type=gha
           # cache-to: type=gha,mode=max
-          outputs: ${{ steps.build-output.outputs.value }}
+          outputs: type=image,push=true
           # push: ${{ inputs.publish }}
 
       - name: Sign the images with GitHub OIDC Token
@@ -153,10 +155,10 @@ jobs:
       #     name: "[${{ github.job }}] OCI tarball"
       #     path: image.tar
 
-      - name: Extract OCI tarball
-        run: |
-          mkdir -p image
-          tar -xf image.tar -C image
+      # - name: Extract OCI tarball
+      #   run: |
+      #     mkdir -p image
+      #     tar -xf image.tar -C image
 
       # - name: List tags
       #   run: skopeo --insecure-policy list-tags oci:image
@@ -183,13 +185,13 @@ jobs:
       #     subject-digest: ${{ steps.build.outputs.digest }}
       #     push-to-registry: true
 
-      - name: Generate build provenance attestation
-        uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
-        with:
-          subject-name: ghcr.io/${{ github.repository }}
-          subject-digest: ${{ steps.build.outputs.digest }}
-          push-to-registry: true
-        if: inputs.publish
+      # - name: Generate build provenance attestation
+      #   uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
+      #   with:
+      #     subject-name: ghcr.io/${{ github.repository }}
+      #     subject-digest: ${{ steps.build.outputs.digest }}
+      #     push-to-registry: true
+      #   if: inputs.publish
 
       ## Use cache for the trivy-db to avoid the TOOMANYREQUESTS error https://github.com/aquasecurity/trivy-action/pull/397
       ## To avoid the trivy-db becoming outdated, we save the cache for one day