fix(deploy): add extra release step to only run when tags are generated

ngregrichardson · May 4, 2024 · 128ab81 · 128ab81
1 parent 475fc37
commit 128ab81
Show file tree

Hide file tree

Showing 2 changed files with 54 additions and 43 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -0,0 +1,53 @@
+name: Build and Deploy to Registry
+
+on:
+    push:
+        tags:
+            'v[0-9]+.[0-9]+.[0-9]+'
+
+permissions:
+    id-token: write
+    attestations: write
+    packages: write
+
+env:
+    REGISTRY: ghcr.io
+    IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+    release:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout Repository
+              uses: actions/checkout@v4
+            - name: Log into the Container Registry
+              uses: docker/login-action@v3
+              with:
+                registry: ${{ env.REGISTRY }}
+                username: ${{ github.actor }}
+                password: ${{ secrets.GITHUB_TOKEN }}
+            - name: Extract Metadata
+              id: meta  
+              uses: docker/metadata-action@v5
+              with:
+                images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+                tags: |
+                  type=raw,value=latest
+                  type=ref,event=branch,enable=false
+                  type=semver,pattern={{raw}}
+            - name: Build and Push Docker Image
+              id: push  
+              uses: docker/build-push-action@v5
+              with:
+                context: .
+                push: true
+                tags: ${{ steps.meta.outputs.tags }}
+                labels: ${{ steps.meta.outputs.labels }}
+            - name: Generate Artifact Attestation
+              uses: actions/attest-build-provenance@v1
+              with:
+                subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+                subject-digest: ${{ steps.push.outputs.digest }}
+                push-to-registry: true
+
+
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -9,12 +9,6 @@ permissions:
     id-token: write
     contents: write
     pull-requests: write
-    attestations: write
-    packages: write
-
-env:
-    REGISTRY: ghcr.io
-    IMAGE_NAME: ${{ github.repository }}
 
 jobs:
     release:
@@ -24,40 +18,4 @@ jobs:
               id: release
               with:
                 token: ${{ secrets.GITHUB_TOKEN }}
-                release-type: node
-            - name: Checkout Repository
-              uses: actions/checkout@v4
-              if: ${{ steps.release.outputs.release_created }}
-            - name: Log into the Container Registry
-              uses: docker/login-action@v3
-              with:
-                registry: ${{ env.REGISTRY }}
-                username: ${{ github.actor }}
-                password: ${{ secrets.GITHUB_TOKEN }}
-              if: ${{ steps.release.outputs.release_created }}
-            - name: Extract Metadata
-              id: meta  
-              uses: docker/metadata-action@v5
-              with:
-                images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-                tags: |
-                  type=semver,pattern={{raw}}
-              if: ${{ steps.release.outputs.release_created }}
-            - name: Build and Push Docker Image
-              id: push  
-              uses: docker/build-push-action@v5
-              with:
-                context: .
-                push: true
-                tags: ${{ steps.meta.outputs.tags }}
-                labels: ${{ steps.meta.outputs.labels }}
-              if: ${{ steps.release.outputs.release_created }}
-            - name: Generate Artifact Attestation
-              uses: actions/attest-build-provenance@v1
-              with:
-                subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-                subject-digest: ${{ steps.push.outputs.digest }}
-                push-to-registry: true
-              if: ${{ steps.release.outputs.release_created }}
-
-
+                release-type: node