name: Container Image on: push: branches: - dev - main - master workflow_dispatch: permissions: contents: read packages: write concurrency: group: container-image-${{ github.ref }} cancel-in-progress: true jobs: build-and-push: runs-on: ubuntu-latest env: REGISTRY: git.wilkensxl.de IMAGE_NAME: odysseus FALLBACK_OWNER: mrsphay REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} steps: - name: Checkout uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Check Docker run: docker version - name: Build and push image shell: bash run: | set -euo pipefail registry_token="${REGISTRY_TOKEN:-${GITEA_TOKEN:-}}" if [ -z "${registry_token}" ]; then echo "REGISTRY_TOKEN or GITEA_TOKEN is required to publish ${REGISTRY}/${FALLBACK_OWNER}/${IMAGE_NAME}." exit 1 fi owner="${GITHUB_REPOSITORY_OWNER:-${FALLBACK_OWNER}}" owner="$(printf '%s' "${owner}" | tr '[:upper:]' '[:lower:]')" registry_user="${GITHUB_ACTOR:-${owner}}" image="${REGISTRY}/${owner}/${IMAGE_NAME}" short_sha="$(printf '%s' "${GITHUB_SHA}" | cut -c1-7)" ref_name="${GITHUB_REF_NAME:-dev}" ref_tag="$(printf '%s' "${ref_name}" | tr '[:upper:]' '[:lower:]' | tr -cs 'a-z0-9._-' '-' | sed 's/^-//; s/-$//')" echo "${registry_token}" | docker login "${REGISTRY}" --username "${registry_user}" --password-stdin docker build --pull \ --tag "${image}:sha-${short_sha}" \ --tag "${image}:${ref_tag}" \ --tag "${image}:latest" \ . docker push "${image}:sha-${short_sha}" docker push "${image}:${ref_tag}" docker push "${image}:latest" { echo "Published image tags:" echo "- ${image}:latest" echo "- ${image}:${ref_tag}" echo "- ${image}:sha-${short_sha}" } >> "${GITHUB_STEP_SUMMARY}"