build-and-publish-develop.yml 2.1 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970
  1. name: Build and Publish Develop
  2. on:
  3. workflow_run:
  4. workflows: [Build/Test]
  5. types: [completed]
  6. branches: [develop]
  7. concurrency:
  8. group: build-opencost-develop
  9. cancel-in-progress: false
  10. permissions: {}
  11. env:
  12. # Use docker.io for Docker Hub if empty
  13. REGISTRY: ghcr.io
  14. jobs:
  15. build-and-publish-opencost:
  16. runs-on: ubuntu-latest
  17. if: ${{ github.event.workflow_run.conclusion == 'success' }}
  18. permissions:
  19. contents: read
  20. packages: write
  21. id-token: write
  22. steps:
  23. - name: Checkout Repo
  24. uses: actions/checkout@v6.0.2
  25. - name: Set SHA
  26. id: sha
  27. run: |
  28. echo "OC_SHORTHASH=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
  29. - name: Set OpenCost Image Tags
  30. id: tags
  31. env:
  32. REPO: ${{ github.repository_owner }}
  33. SHORTHASH: ${{ steps.sha.outputs.OC_SHORTHASH }}
  34. run: |
  35. echo "IMAGE_TAG=ghcr.io/$REPO/opencost:develop-$SHORTHASH" >> $GITHUB_OUTPUT
  36. - name: Build and publish container
  37. uses: ./.github/actions/build-container
  38. with:
  39. actor: ${{ github.actor }}
  40. GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  41. image_tag: ${{ steps.tags.outputs.IMAGE_TAG }}
  42. release_version: develop-${{ steps.sha.outputs.OC_SHORTHASH }}
  43. - name: Install crane
  44. uses: imjasonh/setup-crane@v0.5
  45. - name: Tag and push latest image
  46. env:
  47. IMAGE_TAG: ${{ steps.tags.outputs.IMAGE_TAG }}
  48. run: |
  49. # Extract the repository part (everything before the last colon)
  50. REPO=$(echo "$IMAGE_TAG" | sed 's/:.*$//')
  51. # Create the new tag
  52. NEW_TAG="${REPO}:develop-latest"
  53. echo "Copying $IMAGE_TAG to ${NEW_TAG}"
  54. crane copy "$IMAGE_TAG" "${NEW_TAG}"
  55. - name: Sign image and attest SLSA provenance
  56. uses: ./.github/actions/sign-image
  57. with:
  58. image: ${{ steps.tags.outputs.IMAGE_TAG }}
  59. workflow-path: .github/workflows/build-and-publish-develop.yml
  60. run-started-at: ${{ github.run_started_at }}