build_master_multi_images #1026

Workflow file for this run

.github/workflows/build_master_multi.yml at 87b7c5e

	name: build_master_multi_images
	on:
	schedule:
	- cron: '30 2 * * * '
	push:
	branches:
	- main

	permissions: {}

	env:
	REGISTRY_USER: ${{ github.actor }}
	REGISTRY_PASSWORD: ${{ github.token }}
	IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}

	jobs:
	build_multi_master:
	name: ${{ matrix.build.name }}
	runs-on: 'ubuntu-latest'
	permissions:
	contents: read
	packages: write
	strategy:
	fail-fast: false
	matrix:
	install_latest: [ true ]
	steps:
	- name: Checkout repository
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
	with:
	persist-credentials: false
	ref: "main"
	- name: Log in to ghcr.io
	uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1.7
	with:
	username: ${{ env.REGISTRY_USER }}
	password: ${{ env.REGISTRY_PASSWORD }}
	registry: ${{ env.IMAGE_REGISTRY }}
	- name: "login docker hub"
	run: \|
	podman login -u ${{secrets.DOCKER_HUB_USER}} -p ${{secrets.DOCKER_HUB_TOKEN}} docker.io
	docker login -u ${{secrets.DOCKER_HUB_USER}} -p ${{secrets.DOCKER_HUB_TOKEN}}
	- name: "login quay.io"
	run: \|
	podman login -u ${{secrets.QUAY_USER}} -p ${{secrets.QUAY_TOKEN}} quay.io
	docker login -u ${{secrets.QUAY_USER}} -p ${{secrets.QUAY_TOKEN}} quay.io
	- run: \|
	sudo apt-get update
	sudo apt-get -y install qemu-user-static buildah less git make podman clamav clamav-freshclam
	name: 'install dev deps'
	- run: buildah unshare make branch_or_ref=master release_tag=master multibuild
	name: 'build multi image'
	- run: buildah unshare make dist_name=localhost/curl-multi release_tag=master test
	name: 'test image'
	- run: make image_name=localhost/curl-multi:master scan
	name: 'security scan image'
	- run: \|
	buildah manifest push --all --format v2s2 localhost/curl-base-multi:master "docker://ghcr.io/curl/curl-container/curl-base-multi:master"
	buildah manifest push --all --format v2s2 localhost/curl-multi:master "docker://ghcr.io/curl/curl-container/curl-multi:master"
	name: 'push multi images to github registry'
	- name: Install Cosign
	uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
	- name: Write signing key to disk (only needed for `cosign sign --key`)
	run: echo "${{ secrets.COSIGN_PRIVATE_KEY }}" > cosign.key
	- name: Sign image with a key
	run: \|
	cosign sign -y --key cosign.key ghcr.io/curl/curl-container/curl-multi:master
	cosign sign -y --key cosign.key ghcr.io/curl/curl-container/curl-base-multi:master
	env:
	COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
	- name: Write public key to disk
	run: echo "${{ secrets.COSIGN_PUBLIC_KEY }}" > cosign.pub
	- name: Verify image with public key
	run: \|
	cosign verify --key cosign.pub ghcr.io/curl/curl-container/curl-multi:master
	cosign verify --key cosign.pub ghcr.io/curl/curl-container/curl-base-multi:master

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

build_master_multi_images #1026

Workflow file

build_master_multi_images #1026

Uh oh!

Jobs

Run details

Workflow file for this run