Update release-publish-and-update-action.yml

Author: H-strangeone

.github/workflows/release-publish-and-update-action.yml

@@ -1,4 +1,5 @@
 name: Release / Publish to GHCR and Update Action
+
 on:
   push:
     tags:
@@ -14,60 +15,49 @@ jobs:
   build-and-push:
     runs-on: ubuntu-latest
     steps:
+
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+      - name: Lowercase owner
+        run: echo "OWNER_LC=${GITHUB_REPOSITORY_OWNER,,}" >> $GITHUB_ENV
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
       - name: Log in to GHCR
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
-          password: ${{ secrets.GHCR_PAT }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Build and push image
-        uses: docker/build-push-action@v4
+      - name: Build and push versioned + latest images
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ./Dockerfile
           push: true
           tags: |
-              ghcr.io/${{ github.repository_owner }}/sbom-tm:${{ github.ref_name }}
-              ghcr.io/${{ github.repository_owner }}/sbom-tm:latest
+            ghcr.io/${{ env.OWNER_LC }}/sbom-tm:${{ github.ref_name }}
+            ghcr.io/${{ env.OWNER_LC }}/sbom-tm:latest
 
-      - name: Update `action.yml` to reference GHCR image
+      - name: Update action.yml to reference version
         env:
-          GIT_AUTHOR_NAME: github-actions[bot]
-          GIT_AUTHOR_EMAIL: github-actions[bot]@users.noreply.github.com
-          BRANCH_NAME: release/${{ github.ref_name }}
-          IMAGE_TAG: ghcr.io/${{ github.repository_owner }}/sbom-tm:${{ github.ref_name }}
-          PUSH_TOKEN: ${{ secrets.PERSONAL_TOKEN }}
+          NEW_IMAGE: ghcr.io/${{ env.OWNER_LC }}/sbom-tm:${{ github.ref_name }}
         run: |
-          git config --global user.name "$GIT_AUTHOR_NAME"
-          git config --global user.email "$GIT_AUTHOR_EMAIL"
-          git checkout -b "$BRANCH_NAME"
-          if [ -f action.yml ]; then
-            sed -E "s|image: .*|image: '$IMAGE_TAG'|" action.yml > action.yml.tmp || true
-            mv action.yml.tmp action.yml
-          else
-            echo "warning: action.yml not found"
-          fi
-          git add action.yml || true
-          git commit -m "chore(action): point to GHCR image $IMAGE_TAG" || true
-          git push https://${PUSH_TOKEN}@github.com/${{ github.repository }} HEAD:$BRANCH_NAME
+          git switch -C release/${{ github.ref_name }}
+          yq -i ".runs.image = env(NEW_IMAGE)" action.yml
+          git add action.yml
+          git commit -m "chore: update action to $NEW_IMAGE" || echo "No changes"
+          git push -f
 
       - name: Create Pull Request
         uses: peter-evans/create-pull-request@v5
         with:
-          token: ${{ secrets.PERSONAL_TOKEN }}
-          commit-message: "chore(action): point to GHCR image ${{ github.ref_name }}"
-          title: "Release: point action to GHCR image ${{ github.ref_name }}"
-          body: |
-            This PR updates `action.yml` to use the published GHCR image for the action runtime.
+          token: ${{ secrets.GITHUB_TOKEN }}
+          commit-message: "chore: update action to ${{ github.ref_name }}"
+          title: "Release: update action to ${{ github.ref_name }}"
+          body: "Automated update for new GHCR release."
           base: main
           head: release/${{ github.ref_name }}