42 changes: 34 additions & 8 deletions .github/workflows/build-and-push.yaml
@@ -1,11 +1,29 @@
name: Build and Push

on:
push:
branches:
- '**'
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'
- 'v[0-9]+.[0-9]+.[0-9]+-*'
workflow_dispatch:
inputs:
force_push:
description: 'Force push to registry even if not latest tag'
required: false
default: false
type: boolean

# Explicit permissions following least-privilege principle
permissions:
contents: read
packages: write

# Prevent duplicate workflow runs
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

# env:
# ## overrides the docker image name (name is repo name with docker- prefix stripped)
Expand All @@ -17,7 +35,7 @@ jobs:
outputs:
image: ${{ steps.set.outputs.image }}
steps:
-
- name: Set image name
uses: actions/github-script@v7
id: set
with:
Expand All @@ -34,18 +52,20 @@ jobs:
- name: Checkout
uses: actions/checkout@v4

- uses: hadolint/hadolint-action@v3.1.0
- name: Lint Dockerfile
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: Dockerfile
-

- name: Find latest tag
uses: dysnix/find-latest-tag@v1
id: latest
with:
regex: '^v\d'
compared-to-tag: ${{ github.ref }}
repository: ${{ github.repository }}
-
name: Docker meta

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
Expand All @@ -55,16 +75,18 @@ jobs:
tags: |
type=ref,event=tag
type=ref,event=branch
type=sha,prefix=,format=short

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
# amd64 is native platform at the moment and should not be specified here to keep amd64 builds fast
# amd64 is native platform and should not be specified here to keep amd64 builds fast
platforms: linux/arm64

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-

- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
Expand All @@ -75,7 +97,11 @@ jobs:
with:
platforms: linux/amd64,linux/arm64
context: .
push: ${{ steps.latest.outputs.newer == 'true' || steps.latest.outputs.equal == 'true' }}
push: ${{ steps.latest.outputs.newer == 'true' || steps.latest.outputs.equal == 'true' || inputs.force_push == true }}
file: Dockerfile
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
provenance: true
sbom: true
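Review bot: The new `inputs.force_push == true` term in the `push:` expression bypasses the latest-tag gate for every ref, so a manual dispatch from any branch would publish that branch's build to the registry under the `type=ref,event=branch` and `type=sha` tags from the Docker meta step. The input's description says it is meant for tags that are not the latest, so I would scope it to tag refs: `push: ${{ steps.latest.outputs.newer == 'true' || steps.latest.outputs.equal == 'true' || (inputs.force_push == true && github.ref_type == 'tag') }}`. Separately, the workflow-level `packages: write` sits under a least-privilege comment, while the only registry login visible here is Docker Hub via secrets. The job is only partly visible in these hunks, but if nothing pushes to GitHub Packages, drop that permission or move it to the one job that needs it.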