Merge pull request #169 from kaleido-io/cve-fix #106
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker Main Build | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
docker: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set build tag | |
id: build_tag_generator | |
run: | | |
RELEASE_TAG=$(curl https://api.github.com/repos/hyperledger/firefly-tokens-erc20-erc721/releases/latest -s | jq .tag_name -r) | |
BUILD_TAG=$RELEASE_TAG-$(date +"%Y%m%d")-$GITHUB_RUN_NUMBER | |
echo ::set-output name=BUILD_TAG::$BUILD_TAG | |
- name: Build | |
run: | | |
docker build \ | |
--label commit=$GITHUB_SHA \ | |
--label build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \ | |
--label tag=${{ steps.build_tag_generator.outputs.BUILD_TAG }} \ | |
--build-arg BUILD_IMAGE=node:20-alpine3.17 \ | |
--build-arg BASE_IMAGE=node:20-alpine3.17 \ | |
--tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${{ steps.build_tag_generator.outputs.BUILD_TAG }} . | |
- name: Tag release | |
run: docker tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${{ steps.build_tag_generator.outputs.BUILD_TAG }} ghcr.io/hyperledger/firefly-tokens-erc20-erc721:head | |
- name: Push docker image | |
run: | | |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin | |
docker push ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${{ steps.build_tag_generator.outputs.BUILD_TAG }} | |
- name: Push head tag | |
run: | | |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin | |
docker push ghcr.io/hyperledger/firefly-tokens-erc20-erc721:head |