Bump actions/attest-build-provenance from 1.1.2 to 1.2.0 (#156) #165

Workflow file for this run

.github/workflows/docker-hub.yml at b1beab3

	---
	name: Publish Container image to DockerHub

	on:
	push:
	branches:
	- 'master'
	paths-ignore:
	- '*.md'

	permissions:
	contents: read

	jobs:
	docker:
	name: Push Docker image to DockerHub
	runs-on: ubuntu-latest
	permissions:
	id-token: write # needed for signing the images with GitHub OIDC Token
	attestations: write
	steps:
	- name: Checkout
	uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6

	- name: Set up QEMU
	uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0

	- name: Set up Docker Buildx
	id: buildx
	uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0

	- name: Install cosign
	uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0

	- name: Inspect builder
	run: \|
	echo "Name: ${{ steps.buildx.outputs.name }}"
	echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
	echo "Status: ${{ steps.buildx.outputs.status }}"
	echo "Flags: ${{ steps.buildx.outputs.flags }}"
	echo "Platforms: ${{ steps.buildx.outputs.platforms }}"

	- name: Log in to DockerHub
	uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Generate data time for docker tag
	id: datatime
	run: echo "DATETIME=$(date +'%Y%m%d%H%M')" >> "${GITHUB_OUTPUT}"

	- name: Build and push
	id: docker_build
	uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
	with:
	context: .
	push: true
	sbom: true
	platforms: linux/amd64,linux/arm64
	tags: patrickfmarques/ifconfig.me:1.0.0-${{ steps.datatime.outputs.DATETIME }}

	- name: Sign the images with GitHub OIDC Token
	env:
	DIGEST: ${{ steps.docker_build.outputs.digest }}
	TAGS: patrickfmarques/ifconfig.me
	run: cosign sign --yes "${TAGS}@${DIGEST}"

	- name: Attest
	uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919 # v1.2.0
	id: attest
	with:
	subject-name: index.docker.io/patrickfmarques/ifconfig.me
	subject-digest: ${{ steps.docker_build.outputs.digest }}
	push-to-registry: true

	- name: Image digest
	run: echo ${{ steps.docker_build.outputs.digest }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump actions/attest-build-provenance from 1.1.2 to 1.2.0 (#156) #165

Workflow file

Bump actions/attest-build-provenance from 1.1.2 to 1.2.0 (#156) #165

Jobs

Run details

Workflow file for this run