testing app #1
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Build stage' | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| build_datetime: | ||
| description: 'Build datetime, set by the CI/CD pipeline workflow' | ||
| required: true | ||
| type: string | ||
| build_timestamp: | ||
| description: 'Build timestamp, set by the CI/CD pipeline workflow' | ||
| required: true | ||
| type: string | ||
| build_epoch: | ||
| description: 'Build epoch, set by the CI/CD pipeline workflow' | ||
| required: true | ||
| type: string | ||
| nodejs_version: | ||
| description: 'Node.js version, set by the CI/CD pipeline workflow' | ||
| required: true | ||
| type: string | ||
| python_version: | ||
| description: 'Python version, set by the CI/CD pipeline workflow' | ||
| required: true | ||
| type: string | ||
| terraform_version: | ||
| description: 'Terraform version, set by the CI/CD pipeline workflow' | ||
| required: true | ||
| type: string | ||
| version: | ||
| description: 'Version of the software, set by the CI/CD pipeline workflow' | ||
| required: true | ||
| type: string | ||
| commit_sha: | ||
| description: 'commit sha of the docker image' | ||
| required: true | ||
| type: string | ||
| env: | ||
| REGISTRY: ghcr.io | ||
| IMAGE_NAME: ${{ github.repository }} | ||
| DOCKER_METADATA_PR_HEAD_SHA: true | ||
| jobs: | ||
| build: | ||
| name: 'Build' | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 3 | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| attestations: write | ||
| id-token: write | ||
| steps: | ||
| - name: 'Checkout code' | ||
| uses: actions/checkout@v5 | ||
| - name: Log in to the Container registry | ||
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Extract metadata (tags, labels) for Docker | ||
| id: meta | ||
| uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f | ||
| with: | ||
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
| tags: | | ||
| type=ref,event=tag | ||
| type=raw,value=${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref || '{{branch}}' }} | ||
| type=raw,value=${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || '' }} | ||
| type=sha,format=long,prefix=git-sha- | ||
| - name: Build and push Docker image | ||
| id: push | ||
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 | ||
| with: | ||
| context: . | ||
| push: true | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
| build-args: | ||
| - commit_sha: ${{ github.event.pull_request.head.sha }} | ||
| - name: Generate artifact attestation | ||
| uses: actions/attest-build-provenance@v3 | ||
| with: | ||
| subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} | ||
| subject-digest: ${{ steps.push.outputs.digest }} | ||
| push-to-registry: true | ||
