Fix: Explicitly set packages write permissions #16
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Build and Upload | |
| on: | |
| workflow_dispatch: | |
| push: | |
| tags: | |
| - 'v*' | |
| branches: | |
| - master | |
| - development | |
| pull_request: | |
| schedule: | |
| # once a week | |
| - cron: '0 0 * * 1' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| docker: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4.1.1 | |
| - name: Set up QEMU | |
| # Required only for the multi-arch container builds that are pushed to Dockerhub. | |
| # Setting up QEMU during normal PRs prevents testing of the container included | |
| # QEMU setup. | |
| if: ${{ github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags') }} | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=match,pattern=v(.*),group=1 | |
| ### build+export, test only on PRs | |
| - name: Build and export to Docker | |
| if: github.event_name == 'pull_request' | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: docker/Dockerfile | |
| load: true | |
| tags: packer-plugin-cross:test | |
| labels: ${{ steps.meta.outputs.labels }} | |
| - name: Install packer plugins | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| docker run --rm --privileged -v /dev:/dev -v ${PWD}:/build packer-plugin-cross:test init boards/raspberry-pi-4/archlinuxarm.pkr.hcl | |
| - name: Test build board | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| docker run --rm --privileged -v /dev:/dev -v ${PWD}:/build packer-plugin-cross:test build boards/raspberry-pi-4/archlinuxarm.pkr.hcl -extra-system-packages=bmap-tools,zstd | |
| du -h raspberry-pi-4.img | |
| du -h --apparent-size raspberry-pi-4.img | |
| #### | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/development' || startsWith(github.ref, 'refs/tags') }} | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v5 | |
| if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/development' || startsWith(github.ref, 'refs/tags') }} | |
| with: | |
| context: . | |
| file: docker/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} |