Skip to content

Workflow file for this run

name: Publish package and image to GitHub Packages
on:
release:
types: [created]
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'liberica'
- name: Publish package
run: mvn --batch-mode deploy
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build image
run: docker build . --file Dockerfile --platform linux/amd64 --tag "andifalk/supply-chain-security:${GITHUB_REF_NAME}"
- name: Push image
run: docker push "andifalk/supply-chain-security:${GITHUB_REF_NAME}"
# This step calls the container workflow to generate provenance and push it to
# the container registry.
provenance:
needs: [publish]
permissions:
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
packages: write # for uploading attestations.
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
with:
image: "andifalk/supply-chain-security:${GITHUB_REF_NAME}"
registry-username: ${{ secrets.DOCKERHUB_USER }}

Check failure on line 42 in .github/workflows/publish.yml

View workflow run for this annotation

GitHub Actions / Publish package and image to GitHub Packages

Invalid workflow file

The workflow is not valid. .github/workflows/publish.yml (Line: 42, Col: 26): Unrecognized named-value: 'secrets'. Located at position 1 within expression: secrets.DOCKERHUB_USER .github/workflows/publish.yml (Line: 44, Col: 9): A mapping was not expected
secrets:
registry-password: ${{ secrets.DOCKERHUB_TOKEN }}