Updated key rotation to be more random #923
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Docker images | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| release: | |
| types: | |
| - published | |
| permissions: {} | |
| jobs: | |
| build: | |
| permissions: | |
| contents: read # to fetch code (actions/checkout) | |
| packages: write # to push docker image | |
| name: Build image | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout main | |
| uses: actions/checkout@v2 | |
| - name: Run the build | |
| run: | | |
| set -ex | |
| # use that here since the variable are not present before start, so can't be in env | |
| export LOGIN=$GITHUB_REPOSITORY_OWNER | |
| echo $PASSWORD | docker login $REGISTRY -u $LOGIN --password-stdin | |
| for i in docker/* ; do | |
| CONTAINER=$(basename $i) | |
| echo "Building $CONTAINER" | |
| export IMAGE=$LOGIN/augur_$CONTAINER | |
| DOCKERFILE=${i}/Dockerfile | |
| docker build . -f $DOCKERFILE --tag $REGISTRY/$IMAGE:latest | |
| if [[ $GITHUB_EVENT_NAME == 'release' ]]; then | |
| TAG=$(basename $GITHUB_REF) | |
| docker tag $REGISTRY/$IMAGE:latest $REGISTRY/$IMAGE:$TAG | |
| docker push $REGISTRY/$IMAGE:latest | |
| docker push $REGISTRY/$IMAGE:$TAG | |
| elif [[ $GITHUB_EVENT_NAME == 'push' ]]; then | |
| docker tag $REGISTRY/$IMAGE:latest $REGISTRY/$IMAGE:devel-latest | |
| docker push $REGISTRY/$IMAGE:devel-latest | |
| fi | |
| done | |
| env: | |
| REGISTRY: ghcr.io | |
| PASSWORD: ${{ secrets.GITHUB_TOKEN }} |