Merge pull request #54 from pierDipi/insecure-skip-verify #5
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI - Release - Docker Container Image | |
| on: | |
| push: | |
| tags: | |
| - 'v*' # Runs when a tag like v0.1.0 is pushed | |
| release: | |
| types: [published] # Also runs when a GitHub release is published | |
| jobs: | |
| docker-build-and-push: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@v4 | |
| - name: Set project name from repository | |
| id: version | |
| run: | | |
| repo="${GITHUB_REPOSITORY##*/}" | |
| echo "project_name=$repo" >> "$GITHUB_OUTPUT" | |
| - name: Print project name | |
| run: echo "Project is ${{ steps.version.outputs.project_name }}" | |
| - name: Determine tag name | |
| id: tag | |
| run: | | |
| if [[ "${GITHUB_EVENT_NAME}" == "release" ]]; then | |
| echo "tag=${GITHUB_REF##refs/tags/}" >> "$GITHUB_OUTPUT" | |
| elif [[ "${GITHUB_REF}" == refs/tags/* ]]; then | |
| echo "tag=${GITHUB_REF##refs/tags/}" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "tag=latest" >> "$GITHUB_OUTPUT" | |
| fi | |
| shell: bash | |
| - name: Build and push image | |
| uses: ./.github/actions/docker-build-and-push | |
| with: | |
| tag: ${{ steps.tag.outputs.tag }} | |
| image-name: ${{ steps.version.outputs.project_name }} | |
| registry: ghcr.io/llm-d | |
| github-token: ${{ secrets.GHCR_TOKEN }} | |
| - name: Run Trivy scan | |
| uses: ./.github/actions/trivy-scan | |
| with: | |
| image: ghcr.io/llm-d/${{ steps.version.outputs.project_name }}:${{ steps.tag.outputs.tag }} |