Skip to content

build(deps): Bump docker/metadata-action from 5.0.0 to 5.6.1 #2660

build(deps): Bump docker/metadata-action from 5.0.0 to 5.6.1

build(deps): Bump docker/metadata-action from 5.0.0 to 5.6.1 #2660

Workflow file for this run

name: Build
on: [push]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: linz/action-typescript@dee99184c4305aea6c380a52db9b2d7abaaa3e78 # v3
with:
node-version: 20.x
- name: Generate Readme
run: |
npm run docs
# Validate no READMEs have been updated
- name: Validate Readme generation
run: |
git diff --exit-code
# Only build containers on branches otherwise container builds are duplicated deploy-nonprod-containers
- name: Set up Docker Buildx
if: ${{ github.ref != 'refs/heads/master' }}
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3
- name: Build container
if: ${{ github.ref != 'refs/heads/master' }}
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5
with:
context: .
platforms: linux/amd64
push: false
build-args: |
GIT_HASH=${{ github.sha }}
GITHUB_RUN_ID=${{ github.run_id}}
deploy-nonprod-containers:
runs-on: ubuntu-latest
concurrency: deploy-dev-${{ github.ref }}
needs: ['build']
# On push to master when it is not a release!
if: ${{ github.ref == 'refs/heads/master' && !startsWith(github.event.head_commit.message, 'release:') }}
permissions:
id-token: write
contents: read
packages: write
env:
AWS_CI_ROLE: ${{ secrets.AWS_CI_ROLE }}
environment:
name: nonprod
steps:
- uses: linz/action-typescript@dee99184c4305aea6c380a52db9b2d7abaaa3e78 # v3
with:
node-version: 20.x
- name: Download actionlint
run: docker build --tag actionlint - < .github/workflows/actionlint.dockerfile
- name: Run actionlint to check workflow files
run: docker run --volume="${PWD}:/repo" --workdir=/repo actionlint -color
- name: Setup GIT version
id: version
run: |
GIT_VERSION=$(git describe --tags --always --match 'v*')
GIT_VERSION_MAJOR=$(echo "$GIT_VERSION" | cut -d. -f1)
GIT_VERSION_MAJOR_MINOR=$(echo "$GIT_VERSION" | cut -d. -f1,2)
{ echo "version=${GIT_VERSION}"; echo "version_major=${GIT_VERSION_MAJOR}"; echo "version_major_minor=${GIT_VERSION_MAJOR_MINOR}"; } >> "$GITHUB_OUTPUT"
- name: Set up Docker Qemu
id: qemu
uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3
- name: Docker meta
id: meta
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5
with:
images: ${{ github.repository }}
labels: |
org.opencontainers.image.version=${{ steps.version.outputs.version }}
- name: Login to GitHub Container Registry
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Configure AWS Credentials
if: ${{env.AWS_CI_ROLE != ''}}
uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4
with:
aws-region: ap-southeast-2
mask-aws-account-id: true
role-to-assume: ${{ secrets.AWS_CI_ROLE }}
- name: Login to Amazon ECR
if: ${{env.AWS_CI_ROLE != ''}}
id: login-ecr
uses: aws-actions/amazon-ecr-login@2fc7aceee09e9e4a7105c0d060c656fad0b4f63d # v1
- name: Setup docker tags
id: tags
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
result-encoding: string
script: |
const tags = [];
tags.push('ghcr.io/${{ github.repository }}:latest');
tags.push('ghcr.io/${{ github.repository }}:${{ steps.version.outputs.version }}');
if ("${{ steps.login-ecr.outputs.registry }}") {
tags.push('${{ steps.login-ecr.outputs.registry }}/${{ github.event.repository.name }}:latest');
tags.push('${{ steps.login-ecr.outputs.registry }}/${{ github.event.repository.name }}:${{ steps.version.outputs.version }}');
}
return tags.join(', ')
- name: Build and push container
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5
with:
context: .
tags: ${{ steps.tags.outputs.result }}
push: true
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/arm64,linux/amd64
build-args: |
GIT_HASH=${{ github.sha }}
GIT_VERSION=${{ steps.version.outputs.version }}
GITHUB_RUN_ID=${{ github.run_id}}