
Switch to `fromJSON` digest extraction

- removes the need for a separate digest extraction step
pull/6391/head
dfunkt 1 month ago
parent
commit
a63ca00984
  1. 21
      .github/workflows/release.yml

21
.github/workflows/release.yml

@ -192,38 +192,35 @@ jobs:
*.cache-from=${{ env.BAKE_CACHE_FROM }}
*.cache-to=${{ env.BAKE_CACHE_TO }}
- name: Extract digest SHA
shell: bash
env:
BAKE_METADATA: ${{ steps.bake_vw.outputs.metadata }}
BASE_IMAGE: ${{ matrix.base_image }}
run: |
GET_DIGEST_SHA="$(jq -r --arg base "$BASE_IMAGE" '.[$base + "-multi"]."containerimage.digest"' <<< "${BAKE_METADATA}")"
echo "DIGEST_SHA=${GET_DIGEST_SHA}" | tee -a "${GITHUB_ENV}"
# Attest container images
- name: Attest - docker.io - ${{ matrix.base_image }}
if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' && steps.bake_vw.outputs.metadata != ''}}
uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
env:
BASE_IMAGE: ${{ matrix.base_image }}
with:
subject-name: ${{ vars.DOCKERHUB_REPO }}
subject-digest: ${{ env.DIGEST_SHA }}
subject-digest: ${{ fromJSON(steps.bake_vw.outputs.metadata)[format('{0}-multi', env.BASE_IMAGE)]['containerimage.digest'] }}
push-to-registry: true
- name: Attest - ghcr.io - ${{ matrix.base_image }}
if: ${{ env.HAVE_GHCR_LOGIN == 'true' && steps.bake_vw.outputs.metadata != ''}}
uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
env:
BASE_IMAGE: ${{ matrix.base_image }}
with:
subject-name: ${{ vars.GHCR_REPO }}
subject-digest: ${{ env.DIGEST_SHA }}
subject-digest: ${{ fromJSON(steps.bake_vw.outputs.metadata)[format('{0}-multi', env.BASE_IMAGE)]['containerimage.digest'] }}
push-to-registry: true
- name: Attest - quay.io - ${{ matrix.base_image }}
if: ${{ env.HAVE_QUAY_LOGIN == 'true' && steps.bake_vw.outputs.metadata != ''}}
uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
env:
BASE_IMAGE: ${{ matrix.base_image }}
with:
subject-name: ${{ vars.QUAY_REPO }}
subject-digest: ${{ env.DIGEST_SHA }}
subject-digest: ${{ fromJSON(steps.bake_vw.outputs.metadata)[format('{0}-multi', env.BASE_IMAGE)]['containerimage.digest'] }}
push-to-registry: true
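Review bot: The new `subject-digest` expression in all three Attest steps (docker.io, ghcr.io, quay.io) reads `env.BASE_IMAGE`, which only resolves because each step now carries its own `env:` block. The `matrix` context is available in `with:` directly, so `subject-digest: ${{ fromJSON(steps.bake_vw.outputs.metadata)[format('{0}-multi', matrix.base_image)]['containerimage.digest'] }}` would give the same lookup without the six added `env:` lines and with one less indirection between the build output and the attested digest. Separately, the `if:` guard only checks that the metadata is non-empty; if the `<base>-multi` key or its `containerimage.digest` field is missing, the expression evaluates to an empty value, and how the attest action reacts to that is not visible here. Since this value decides which image the provenance is bound to, a comment above the first Attest step such as `# subject-digest comes straight from the bake metadata; an absent target key yields an empty digest` would document the assumption, or the `if:` could also require the digest to be non-empty.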
