diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..ff91dab1 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,67 @@ +name: Publish Docker image + +on: + release: + types: [published] + +jobs: + push_to_registries: + name: Push Docker image to multiple registries + runs-on: ubuntu-latest + permissions: + packages: write + contents: read + attestations: write + id-token: write + steps: + - name: Check out the repo + uses: actions/checkout@v4 + + - name: Log in to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ${{ github.repository }} + ghcr.io/${{ github.repository }} + tags: | + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }} + + - name: Build and push Docker images + id: push + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: Generate artifact attestation for Docker Hub + uses: actions/attest-build-provenance@v1 + with: + subject-name: index.docker.io/${{ github.repository }} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true + + - name: Generate artifact attestation for Github Container Registry + uses: actions/attest-build-provenance@v1 + with: + subject-name: ghcr.io/${{ github.repository }} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true + diff --git a/Dockerfile b/Dockerfile index 8f8a3ef0..7567b221 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,12 @@ -FROM node:20-alpine +FROM alpine:3 LABEL "repository"="https://github.com/anothrNick/github-tag-action" LABEL "homepage"="https://github.com/anothrNick/github-tag-action" LABEL "maintainer"="Nick Sjostrom" -RUN apk --no-cache add bash git curl jq && npm install -g semver +RUN apk --no-cache add bash git curl jq && \ + wget -qO /usr/local/bin/semver \ + https://raw.githubusercontent.com/fsaintjacques/semver-tool/master/src/semver && \ + chmod +x /usr/local/bin/semver COPY entrypoint.sh /entrypoint.sh diff --git a/entrypoint.sh b/entrypoint.sh index 2cb19410..74dcc726 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -163,9 +163,9 @@ log=${history_type[${branch_history}]} printf "History:\n---\n%s\n---\n" "$log" case "$log" in - *$major_string_token* ) new=$(semver -i major "$tag"); part="major";; - *$minor_string_token* ) new=$(semver -i minor "$tag"); part="minor";; - *$patch_string_token* ) new=$(semver -i patch "$tag"); part="patch";; + *$major_string_token* ) new=$(semver bump major "$tag"); part="major";; + *$minor_string_token* ) new=$(semver bump minor "$tag"); part="minor";; + *$patch_string_token* ) new=$(semver bump patch "$tag"); part="patch";; *$none_string_token* ) echo "Default bump was set to none. Skipping..." setOutput "old_tag" "$tag" @@ -183,7 +183,7 @@ case "$log" in setOutput "part" "$default_semvar_bump" exit 0 else - new=$(semver -i "${default_semvar_bump}" "$tag") + new=$(semver bump "${default_semvar_bump}" "$tag") part=$default_semvar_bump fi ;; @@ -206,9 +206,9 @@ then then if $with_v then - new=v$(semver -i prerelease "${pre_tag}" --preid "${suffix}") + new=v$(semver bump prerelease "${suffix}".. "${pre_tag}") else - new=$(semver -i prerelease "${pre_tag}" --preid "${suffix}") + new=$(semver bump prerelease "${suffix}".. "${pre_tag}") fi echo -e "Bumping ${suffix} pre-tag ${pre_tag}. New pre-tag ${new}" else