github-mirrors/zabbix-docker
1
0
Fork 0
mirror of https://mirror.skon.top/github.com/zabbix/zabbix-docker synced 2026-04-20 21:00:35 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Updated Windows / Linux / RHEL workflow

Browse Source
This commit is contained in:
Alexey Pustovalov
2026-03-30 13:54:48 +09:00
parent 7f320b7193
commit b0e070a930
5 changed files with 197 additions and 225 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
.github/actions/docker-build-push-linux/action.yml vendored Normal file
View File

@@ -0,0 +1,65 @@
name: Docker build for Linux
description: Build and optionally push a Linux image via docker/build-push-action
inputs:
context:
required: true
description: Docker build context
file:
required: true
description: Dockerfile path
platforms:
required: true
description: Target platforms
push:
required: false
default: "true"
description: Whether to push the image
sbom:
required: false
default: "true"
description: Whether to generate SBOM
provenance:
required: false
default: mode=max
description: Provenance mode
tags:
required: true
description: Image tags
labels:
required: true
description: Image labels
build_args:
required: false
default: ""
description: Optional multiline build args
build_contexts:
required: false
default: ""
description: Optional multiline build contexts
outputs:
digest:
description: Built image digest
value: ${{ steps.build.outputs.digest }}
metadata:
description: Build metadata
value: ${{ steps.build.outputs.metadata }}
runs:
using: composite
steps:
- name: Build and optionally push image
id: build
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294
with:
context: ${{ inputs.context }}
file: ${{ inputs.file }}
platforms: ${{ inputs.platforms }}
push: ${{ inputs.push }}
provenance: ${{ inputs.provenance }}
sbom: ${{ inputs.sbom }}
tags: ${{ inputs.tags }}
labels: ${{ inputs.labels }}
build-args: ${{ inputs.build_args }}
build-contexts: ${{ inputs.build_contexts }}

54
.github/actions/docker-linux-setup/action.yml vendored Normal file
View File

@@ -0,0 +1,54 @@
name: Docker Linux setup
description: Set up QEMU, Docker Buildx, and optional registry login
inputs:
auto_push_images:
required: false
default: false
description: Whether registry login is needed
qemu_image:
required: false
default: tonistiigi/binfmt:qemu-v10.0.4
description: QEMU binfmt image
qemu_platforms:
required: false
default: all
description: Platforms for QEMU
buildkit_image:
required: false
default: moby/buildkit:v0.28.1
description: BuildKit image
docker_username:
required: false
default: ""
description: Docker registry username
docker_password:
required: false
default: ""
description: Docker registry password
runs:
using: composite
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
with:
image: ${{ inputs.qemu_image }}
platforms: ${{ inputs.qemu_platforms }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
driver-opts: image=${{ inputs.buildkit_image }}
- name: Login to DockerHub
if: ${{ inputs.auto_push_images == 'true' }}
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
username: ${{ inputs.docker_username }}
password: ${{ inputs.docker_password }}

213
.github/workflows/images_build.yml vendored
View File

@@ -37,7 +37,6 @@ env:
DOCKER_REGISTRY: ${{ vars.DOCKER_REGISTRY }}
DOCKER_REPOSITORY: ${{ vars.DOCKER_REPOSITORY }}
LATEST_BRANCH: ${{ github.event.repository.default_branch }}
TRUNK_GIT_BRANCH: "refs/heads/trunk"
IMAGES_PREFIX: "zabbix-"
@@ -83,7 +82,9 @@ jobs:
with:
ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || '' }}
fetch-depth: 1
sparse-checkout: ${{ env.MATRIX_FILE }}
sparse-checkout: |
${{ env.MATRIX_FILE }}
.github
- name: Check matrix file
env:
@@ -139,33 +140,10 @@ jobs:
- name: Get branch info
id: branch_info
env:
LATEST_BRANCH: ${{ env.LATEST_BRANCH }}
GITHUB_REF_RAW: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || github.ref }}
run: |
github_ref="$GITHUB_REF_RAW"
sha_short="$(git rev-parse --short HEAD)"
if [[ "$github_ref" == refs/tags/* ]]; then
github_ref="${github_ref%.*}"
fi
github_ref="${github_ref##*/}"
is_default_branch=false
if [[ "$github_ref" == "$LATEST_BRANCH" ]]; then
is_default_branch=true
fi
echo "::group::Branch data"
echo "is_default_branch=$is_default_branch"
echo "current_branch=$github_ref"
echo "sha_short=$sha_short"
echo "::endgroup::"
echo "is_default_branch=$is_default_branch" >> "$GITHUB_OUTPUT"
echo "current_branch=$github_ref" >> "$GITHUB_OUTPUT"
echo "sha_short=$sha_short" >> "$GITHUB_OUTPUT"
uses: ./.github/actions/get-branch-info
with:
trunk_version: ${{ inputs.trunk_version }}
trunk_git_branch: ${{ env.TRUNK_GIT_BRANCH }}
build_base:
timeout-minutes: 30
@@ -289,21 +267,7 @@ jobs:
fetch-depth: 1
- name: Install cosign
uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22
- name: Check cosign version
run: cosign version
- name: Set up QEMU
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
with:
image: tonistiigi/binfmt:qemu-v10.0.4
platforms: all
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
driver-opts: image=moby/buildkit:v0.28.1
uses: ./.github/actions/cosign-install
- name: Prepare platform list
id: platform
@@ -330,21 +294,21 @@ jobs:
trunk_only_event: ${{ env.TRUNK_ONLY_EVENT }}
event_name: ${{ github.event_name }}
- name: Login to DockerHub
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
- name: Set up Docker tooling
uses: ./.github/actions/docker-linux-setup
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
auto_push_images: true
docker_username: ${{ secrets.DOCKER_USERNAME }}
docker_password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and publish image
id: docker_build
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
uses: ./.github/actions/docker-build-linux
with:
context: ${{ format('{0}/{1}/{2}', env.DOCKERFILES_DIRECTORY, env.BASE_BUILD_NAME, matrix.os) }}
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, env.BASE_BUILD_NAME, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: true
provenance: mode=max
sbom: true
tags: ${{ steps.meta.outputs.tags }}
labels: |
@@ -452,21 +416,7 @@ jobs:
fetch-depth: 1
- name: Install cosign
uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22
- name: Check cosign version
run: cosign version
- name: Set up QEMU
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
with:
image: tonistiigi/binfmt:qemu-v10.0.4
platforms: all
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
driver-opts: image=moby/buildkit:v0.28.1
uses: ./.github/actions/cosign-install
- name: Prepare platform list
id: platform
@@ -524,49 +474,38 @@ jobs:
oidc_issuer: ${{ env.OIDC_ISSUER }}
identity_regexp: ${{ env.IDENTITY_REGEX }}
- name: Login to DockerHub
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
- name: Set up Docker tooling
uses: ./.github/actions/docker-linux-setup
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
auto_push_images: true
docker_username: ${{ secrets.DOCKER_USERNAME }}
docker_password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build ${{ matrix.build }}/${{ matrix.os }} and push
id: docker_build
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
uses: ./.github/actions/docker-build-linux
with:
context: ${{ format('{0}/{1}/{2}/', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
build-contexts: |
sources=./sources/
config_templates=./config_templates/
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: true
provenance: mode=max
sbom: true
tags: ${{ steps.meta.outputs.tags }}
build-args: |
build_contexts: |
sources=./sources/
config_templates=./config_templates/
build_args: |
BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
labels: |
org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
- name: Sign the images with GitHub OIDC Token
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
TAGS: ${{ steps.meta.outputs.tags }}
run: |
images=()
for tag in ${TAGS}; do
images+=("${tag}@${DIGEST}")
done
echo "::group::Images to sign"
printf '%s\n' "${images[@]}"
echo "::endgroup::"
echo "::group::Signing"
cosign sign --yes "${images[@]}"
echo "::endgroup::"
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: ./.github/actions/cosign-sign
with:
digest: ${{ steps.docker_build.outputs.digest }}
tags: ${{ steps.meta.outputs.tags }}
- name: Attest images
id: attest
@@ -724,22 +663,7 @@ jobs:
- name: Install cosign
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22
- name: Check cosign version
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
run: cosign version
- name: Set up QEMU
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
with:
image: tonistiigi/binfmt:qemu-v10.0.4
platforms: all
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
driver-opts: image=moby/buildkit:v0.28.1
uses: ./.github/actions/cosign-install
- name: Prepare platform list
id: platform
@@ -831,61 +755,46 @@ jobs:
echo "base_build_image=${image_name}@${image_digest}" >> "$GITHUB_OUTPUT"
- name: Verify ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} cosign
if: ${{ matrix.build != 'snmptraps' && env.AUTO_PUSH_IMAGES == 'true' }}
env:
BASE_IMAGE: ${{ steps.base_build.outputs.base_build_image }}
OIDC_ISSUER: ${{ env.OIDC_ISSUER }}
IDENTITY_REGEX: ${{ env.IDENTITY_REGEX }}
run: |
echo "::group::Image sign data"
echo "OIDC issuer=$OIDC_ISSUER"
echo "Identity=$IDENTITY_REGEX"
echo "Image to verify=$BASE_IMAGE"
echo "::endgroup::"
echo "::group::Verify signature"
cosign verify \
--certificate-oidc-issuer-regexp "$OIDC_ISSUER" \
--certificate-identity-regexp "$IDENTITY_REGEX" \
"$BASE_IMAGE" | jq
echo "::endgroup::"
- name: Login to DockerHub
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
uses: ./.github/actions/cosign-verify
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
image: ${{ steps.base_build.outputs.base_build_image }}
oidc_issuer: ${{ env.OIDC_ISSUER }}
identity_regexp: ${{ env.IDENTITY_REGEX }}
- name: Set up Docker tooling
uses: ./.github/actions/docker-linux-setup
with:
auto_push_images: ${{ env.AUTO_PUSH_IMAGES }}
docker_username: ${{ secrets.DOCKER_USERNAME }}
docker_password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push image
if: ${{ matrix.build != 'snmptraps' }}
id: docker_build
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
uses: ./.github/actions/docker-build-linux
with:
context: ${{ format('{0}/{1}/{2}', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
provenance: mode=max
sbom: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
push: ${{ env.AUTO_PUSH_IMAGES }}
sbom: ${{ env.AUTO_PUSH_IMAGES }}
tags: ${{ steps.meta.outputs.tags }}
build-args: |
build_args: |
BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
labels: |
org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
- name: Build snmptraps image
- name: Build and push snmptraps image
if: ${{ matrix.build == 'snmptraps' }}
id: docker_build_snmptraps
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
id: docker_build
uses: ./.github/actions/docker-build-linux
with:
context: ${{ format('{0}/{1}/{2}', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
provenance: mode=max
sbom: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
push: ${{ env.AUTO_PUSH_IMAGES }}
sbom: ${{ env.AUTO_PUSH_IMAGES }}
tags: ${{ steps.meta.outputs.tags }}
labels: |
org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
@@ -893,22 +802,10 @@ jobs:
- name: Sign the images with GitHub OIDC Token
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env:
DIGEST: ${{ matrix.build == 'snmptraps' && steps.docker_build_snmptraps.outputs.digest || steps.docker_build.outputs.digest }}
TAGS: ${{ steps.meta.outputs.tags }}
run: |
images=()
for tag in ${TAGS}; do
images+=("${tag}@${DIGEST}")
done
echo "::group::Images to sign"
printf '%s\n' "${images[@]}"
echo "::endgroup::"
echo "::group::Signing"
cosign sign --yes "${images[@]}"
echo "::endgroup::"
uses: ./.github/actions/cosign-sign
with:
digest: ${{ matrix.build == 'snmptraps' && steps.docker_build_snmptraps.outputs.digest || steps.docker_build.outputs.digest }}
tags: ${{ steps.meta.outputs.tags }}
- name: Attest images
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}

76
.github/workflows/images_build_rhel.yml vendored
View File

@@ -85,7 +85,9 @@ jobs:
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
sparse-checkout: ${{ env.MATRIX_FILE }}
sparse-checkout: |
${{ env.MATRIX_FILE }}
.github
- name: Check matrix file
env:
@@ -147,44 +149,10 @@ jobs:
- name: Get branch info
id: branch_info
env:
LATEST_BRANCH: ${{ env.LATEST_BRANCH }}
GITHUB_REF_RAW: ${{ github.ref }}
TRUNK_MAJOR_VERSION: ${{ inputs.trunk_version }}
run: |
github_ref="$GITHUB_REF_RAW"
sha_short="$(git rev-parse --short HEAD)"
if [[ "$github_ref" == refs/tags/* ]]; then
github_ref="${github_ref%.*}"
fi
github_ref="${github_ref##*/}"
is_default_branch=false
if [[ "$github_ref" == "$LATEST_BRANCH" ]]; then
is_default_branch=true
fi
if [[ "${github_ref//.}" == "trunk" && -n "${TRUNK_MAJOR_VERSION:-}" ]]; then
secret_prefix="RHEL_${TRUNK_MAJOR_VERSION//.}"
else
secret_prefix="RHEL_${github_ref//.}"
fi
echo "::group::Branch metadata"
echo "is_default_branch=$is_default_branch"
echo "current_branch=$github_ref"
echo "secret_prefix=$secret_prefix"
echo "sha_short=$sha_short"
echo "::endgroup::"
{
echo "is_default_branch=$is_default_branch"
echo "current_branch=$github_ref"
echo "secret_prefix=$secret_prefix"
echo "sha_short=$sha_short"
} >> "$GITHUB_OUTPUT"
uses: ./.github/actions/get-branch-info
with:
trunk_version: ${{ inputs.trunk_version }}
trunk_git_branch: ${{ env.TRUNK_GIT_BRANCH }}
build_base:
timeout-minutes: 30
@@ -256,13 +224,13 @@ jobs:
echo "image_tag_id=$TAG_ID" >> "$GITHUB_OUTPUT"
echo "image_tag=$IMAGE_TAG" >> "$GITHUB_OUTPUT"
- name: Cache image metadata
uses: actions/cache/save@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
- name: Upload artifact metadata
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
path: |
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag_id
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag
key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.arch }}-${{ github.run_id }}
name: ${{ env.BASE_BUILD_NAME }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Push image to local storage
id: push_image
@@ -344,13 +312,10 @@ jobs:
run: |
echo "arch=${ARCH,,}" >> "$GITHUB_OUTPUT"
- name: Download metadata of ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }}
uses: actions/cache/restore@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
- name: Download artifact metadata of ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }}
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: |
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag_id
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag
key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.arch }}-${{ github.run_id }}
name: ${{ env.BASE_BUILD_NAME }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Pull ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }} image from local storage
id: base_build
@@ -440,13 +405,13 @@ jobs:
echo "image_tag_id=$TAG_ID" >> "$GITHUB_OUTPUT"
echo "image_tag=$IMAGE_TAG" >> "$GITHUB_OUTPUT"
- name: Cache image metadata
uses: actions/cache/save@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
- name: Upload artifact metadata
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
path: |
${{ matrix.build }}_${{ matrix.arch }}_tag_id
${{ matrix.build }}_${{ matrix.arch }}_tag
key: ${{ matrix.build }}-${{ matrix.arch }}-${{ github.run_id }}
name: ${{ matrix.build }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Push image to local storage
id: push_image
@@ -550,14 +515,11 @@ jobs:
echo "build_base=$build_base" >> "$GITHUB_OUTPUT"
- name: Download metadata of ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.arch }}
- name: Download artifact metadata of ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.arch }}
if: ${{ matrix.build != 'snmptraps' }}
uses: actions/cache/restore@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: |
${{ steps.build_base_image.outputs.build_base }}_${{ matrix.arch }}_tag_id
${{ steps.build_base_image.outputs.build_base }}_${{ matrix.arch }}_tag
key: ${{ steps.build_base_image.outputs.build_base }}-${{ matrix.arch }}-${{ github.run_id }}
name: ${{ steps.build_base_image.outputs.build_base }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Pull ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.arch }} image
id: base_build

14
.github/workflows/images_build_windows.yml vendored
View File

@@ -71,6 +71,7 @@ jobs:
with:
disable-sudo: true
egress-policy: block
disable-telemetry: true
allowed-endpoints: >
github.com:443
release-assets.githubusercontent.com:443
@@ -147,6 +148,7 @@ jobs:
with:
disable-sudo: true
egress-policy: block
disable-telemetry: true
allowed-endpoints: >
aka.ms:443
api.github.com:443
@@ -220,7 +222,7 @@ jobs:
type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}-
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-,suffix=-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }}-latest,prefix=${{ matrix.component }}-
type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-latest
type=raw,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && needs.init_build.outputs.is_default_branch == 'true' }},value=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}-
flavor: |
@@ -453,6 +455,7 @@ jobs:
with:
disable-sudo: true
egress-policy: audit
disable-telemetry: true
- name: Checkout repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
@@ -576,12 +579,3 @@ jobs:
with:
subject_name: ${{ format('{0}/{1}/{2}{3}', env.DOCKER_REGISTRY, env.DOCKER_REPOSITORY, env.IMAGES_PREFIX, matrix.component ) }}
subject_digest: ${{ steps.docker_build.outputs.digest }}
- name: Print final image digest
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
run: |
echo "::group::Image digest"
echo "$Env:DIGEST"
echo "::endgroup::"