|
17 | 17 | test_build: |
18 | 18 | name: Test Build (${{ matrix.arch }}) |
19 | 19 | runs-on: ubuntu-latest |
| 20 | + defaults: |
| 21 | + run: |
| 22 | + shell: nix develop --command bash {0} |
20 | 23 | permissions: |
21 | 24 | contents: read # required for actions/checkout |
| 25 | + packages: write # required for pushing to GHCR |
22 | 26 | strategy: |
23 | 27 | max-parallel: 1 |
24 | 28 | matrix: |
|
67 | 71 | sysdig-secure-url: ${{ secrets.SECURE_ENV_MON_ENDPOINT }} |
68 | 72 | stop-on-failed-policy-eval: true |
69 | 73 | stop-on-processing-error: true |
| 74 | + |
| 75 | + - name: Log in to GitHub Container Registry |
| 76 | + run: echo "${{ secrets.GITHUB_TOKEN }}" | skopeo login ghcr.io -u "${{ github.actor }}" --password-stdin |
| 77 | + |
| 78 | + - name: Push image by digest |
| 79 | + env: |
| 80 | + REGISTRY: ghcr.io/sysdiglabs/sysdig-mcp-server |
| 81 | + run: | |
| 82 | + skopeo copy --digestfile /tmp/digest \ |
| 83 | + docker-archive:result \ |
| 84 | + docker://$REGISTRY --format oci |
| 85 | +
|
| 86 | + mkdir -p /tmp/digests |
| 87 | + cp /tmp/digest /tmp/digests/${{ matrix.arch }} |
| 88 | +
|
| 89 | + - name: Upload digest |
| 90 | + uses: actions/upload-artifact@v5 |
| 91 | + with: |
| 92 | + name: digests-${{ matrix.arch }} |
| 93 | + path: /tmp/digests/* |
| 94 | + if-no-files-found: error |
| 95 | + retention-days: 1 |
| 96 | + |
| 97 | + push_pr_image: |
| 98 | + name: Push PR image to GitHub Packages |
| 99 | + runs-on: ubuntu-latest |
| 100 | + needs: [test_build] |
| 101 | + if: github.event_name == 'pull_request' |
| 102 | + permissions: |
| 103 | + contents: read |
| 104 | + packages: write |
| 105 | + env: |
| 106 | + REGISTRY: ghcr.io/sysdiglabs/sysdig-mcp-server |
| 107 | + steps: |
| 108 | + - name: Download digests |
| 109 | + uses: actions/download-artifact@v6 |
| 110 | + with: |
| 111 | + path: /tmp/digests |
| 112 | + pattern: digests-* |
| 113 | + merge-multiple: true |
| 114 | + |
| 115 | + - name: Set up Docker Buildx |
| 116 | + uses: docker/setup-buildx-action@v3 |
| 117 | + |
| 118 | + - name: Log in to GitHub Container Registry |
| 119 | + uses: docker/login-action@v3 |
| 120 | + with: |
| 121 | + registry: ghcr.io |
| 122 | + username: ${{ github.actor }} |
| 123 | + password: ${{ secrets.GITHUB_TOKEN }} |
| 124 | + |
| 125 | + - name: Create manifest list and push |
| 126 | + env: |
| 127 | + PR_NUMBER: ${{ github.event.pull_request.number }} |
| 128 | + working-directory: /tmp/digests |
| 129 | + run: | |
| 130 | + docker buildx imagetools create --tag $REGISTRY:pr-${PR_NUMBER} \ |
| 131 | + $(printf "$REGISTRY@%s " $(cat *)) |
| 132 | +
|
| 133 | + - name: Inspect image |
| 134 | + env: |
| 135 | + PR_NUMBER: ${{ github.event.pull_request.number }} |
| 136 | + run: docker buildx imagetools inspect $REGISTRY:pr-${PR_NUMBER} |
0 commit comments