diff options
| author | Kevin Hoerr <kjhoerr@protonmail.com> | 2023-01-09 09:55:54 -0500 |
|---|---|---|
| committer | Kevin J Hoerr <kjhoerr@protonmail.com> | 2025-08-18 11:51:26 -0400 |
| commit | ec6d7150461272294378cac4fa56166ee95085e3 (patch) | |
| tree | 3d2acc6c4dcfd116a9213ca4a7249001fdc31fd6 /.github/workflows/build.yml | |
| parent | 038bc941e0deee9f262b2071cab668063529191c (diff) | |
| download | pantry-ec6d7150461272294378cac4fa56166ee95085e3.tar.gz pantry-ec6d7150461272294378cac4fa56166ee95085e3.tar.bz2 pantry-ec6d7150461272294378cac4fa56166ee95085e3.zip | |
Add build action (#37)
Diffstat (limited to '.github/workflows/build.yml')
| -rw-r--r-- | .github/workflows/build.yml | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..a60ccb2 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,75 @@ +name: Pantry build + +on: + push: + branches: [ "trunk" ] + +env: + IMAGE_NAME: ${{ github.repository }} + +jobs: + build: + + runs-on: ubuntu-latest + + strategy: + matrix: + node-version: [ 18.x ] + + steps: + - uses: actions/checkout@v3 + + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + cache: 'yarn' + - name: Install Node.js packages + run: yarn install + - name: Run build injection + run: yarn inject + + - name: Use Java 17 + uses: actions/setup-java@v3 + with: + distribution: 'temurin' + java-version: '17' + cache: 'maven' + - name: Maven package + run: mvn package -Pnative + + - name: Install cosign + uses: sigstore/cosign-installer@v2 + with: + cosign-release: 'v1.11.0' + - name: Setup Docker buildx + uses: docker/setup-buildx-action@v2 + - name: Log into DockerHub + uses: docker/login-action@v2 + with: + username: ${{ github.actor }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.IMAGE_NAME }} + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@v3 + with: + context: . + file: "{context}/src/main/docker/Dockerfile.native" + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + # Sign the resulting Docker image digest. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} |