@@ -49,15 +49,90 @@ jobs:
4949 image_tag : ${{ steps.values.outputs.image_tag }}
5050 image_version : ${{ steps.values.outputs.image_version }}
5151 steps :
52+ - name : Determine checkout ref
53+ id : ref
54+ run : |
55+ if [ -n "${{ inputs.ref }}" ]; then
56+ echo "checkout_ref=${{ inputs.ref }}" >> $GITHUB_OUTPUT
57+ echo "Building from specified ref: ${{ inputs.ref }}"
58+ elif [ -n "${{ github.event.release.tag_name }}" ]; then
59+ echo "checkout_ref=${{ github.event.release.tag_name }}" >> $GITHUB_OUTPUT
60+ echo "Building from release tag: ${{ github.event.release.tag_name }}"
61+ else
62+ echo "checkout_ref=${{ github.ref }}" >> $GITHUB_OUTPUT
63+ echo "Building from triggering ref: ${{ github.ref }}"
64+ fi
65+
5266name : Checkout Code
5367 uses : actions/checkout@v5
5468 with :
55- ref : ${{ inputs.ref || '' }}
69+ ref : ${{ steps.ref.outputs.checkout_ref }}
70+
71+ - name : Verify checkout
72+ run : |
73+ echo "Checked out ref: $(git describe --always --tags)"
74+ echo "Current commit: $(git rev-parse HEAD)"
75+ echo "Current branch/tag: $(git branch --show-current || git describe --tags --exact-match 2>/dev/null || echo 'detached HEAD')"
76+
77+ # If a specific ref was requested, verify we're on it
78+ if [ -n "${{ inputs.ref }}" ]; then
79+ REQUESTED_REF="${{ inputs.ref }}"
80+ CURRENT_REF=$(git rev-parse HEAD)
81+ REQUESTED_SHA=$(git rev-parse "$REQUESTED_REF" 2>/dev/null || echo "unknown")
82+
83+ if [ "$CURRENT_REF" != "$REQUESTED_SHA" ]; then
84+ echo "ERROR: Failed to checkout requested ref '$REQUESTED_REF'"
85+ echo "Expected SHA: $REQUESTED_SHA"
86+ echo "Current SHA: $CURRENT_REF"
87+ exit 1
88+ fi
89+ echo "✓ Successfully verified checkout of ref: $REQUESTED_REF"
90+ fi
5691
5792name : Gather image info
5893 id : info
5994 run : |
6095 echo "repo-owner=${GITHUB_REPOSITORY_OWNER,,}" >> $GITHUB_OUTPUT
96+
97+ # Determine tags based on what we checked out
98+ CHECKOUT_REF="${{ steps.ref.outputs.checkout_ref }}"
99+ echo "Determining tags for ref: ${CHECKOUT_REF}"
100+
101+ TAGS="ghcr.io/${GITHUB_REPOSITORY_OWNER,,}/acapy-vc-authn-oidc:"
102+
103+ # Check if it's a semver tag (v1.2.3 or 1.2.3)
104+ if [[ "${CHECKOUT_REF}" =~ ^refs/tags/v?([0-9]+\.[0-9]+\.[0-9]+.*)$ ]] || [[ "${CHECKOUT_REF}" =~ ^v?([0-9]+\.[0-9]+\.[0-9]+.*)$ ]]; then
105+ VERSION="${BASH_REMATCH[1]}"
106+ echo "Detected version: ${VERSION}"
107+
108+ # Full version tag
109+ TAGS="${TAGS}${VERSION}"
110+
111+ # Major.minor tag
112+ if [[ "${VERSION}" =~ ^([0-9]+\.[0-9]+) ]]; then
113+ TAGS="${TAGS},ghcr.io/${GITHUB_REPOSITORY_OWNER,,}/acapy-vc-authn-oidc:${BASH_REMATCH[1]}"
114+ fi
115+
116+ # Latest tag for releases
117+ TAGS="${TAGS},ghcr.io/${GITHUB_REPOSITORY_OWNER,,}/acapy-vc-authn-oidc:latest"
118+
119+ # Check if it's main branch
120+ elif [[ "${CHECKOUT_REF}" == "refs/heads/main" ]] || [[ "${CHECKOUT_REF}" == "main" ]]; then
121+ echo "Building from main branch"
122+ TAGS="${TAGS}dev"
123+
124+ # For other branches, use branch name
125+ else
126+ # Extract branch name from refs/heads/branch-name or just use as-is
127+ BRANCH_NAME="${CHECKOUT_REF#refs/heads/}"
128+ # Sanitize branch name for docker tag (replace / with -)
129+ BRANCH_NAME="${BRANCH_NAME//\//-}"
130+ echo "Building from branch: ${BRANCH_NAME}"
131+ TAGS="${TAGS}${BRANCH_NAME}"
132+ fi
133+
134+ echo "tags=${TAGS}" >> $GITHUB_OUTPUT
135+ echo "Generated tags: ${TAGS}"
61136
62137name : Cache Docker layers
63138 uses : actions/cache@v4
@@ -83,22 +158,20 @@ jobs:
83158 with :
84159 images : |
85160 ghcr.io/${{ steps.info.outputs.repo-owner }}/acapy-vc-authn-oidc
161+ # We generate tags manually in the "Gather image info" step
162+ # but still use metadata-action for labels
86163 tags : |
87- type=semver,pattern={{version}}
88- type=semver,pattern={{major}}.{{minor}}
89- # set dev tag when building from the default branch (main)
90- type=raw,value=dev,enable={{is_default_branch}}
91- # set latest tag for published release
92- type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/') }}
93-
164+ type=raw,value=dummy
165+ flavor : |
166+ latest=false
94167
95168name : Build and Push Image to ghcr.io
96169 uses : docker/build-push-action@v6
97170 with :
98171 push : true
99172 context : .
100173 file : docker/oidc-controller/Dockerfile
101- tags : ${{ steps.meta .outputs.tags }}
174+ tags : ${{ steps.info .outputs.tags }}
102175 labels : ${{ steps.meta.outputs.labels }}
103176 target : main
104177 cache-from : type=local,src=/tmp/.buildx-cache
0 commit comments