Merge remote-tracking branch 'origin/test' into test #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish a Docker image | |
| on: | |
| push: | |
| tags: [ '*' ] | |
| branches: | |
| - test | |
| workflow_dispatch: # Manual run | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| publish-docker-image: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| #install PHP dependencies | |
| - name: Setup PHP | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: '8.3' | |
| tools: composer:v2 | |
| - name: Get composer cache directory | |
| id: composer-cache | |
| working-directory: ./htdocs | |
| run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
| - name: Cache composer dependencies | |
| uses: actions/[email protected] | |
| with: | |
| path: ${{ steps.composer-cache.outputs.dir }} | |
| key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
| restore-keys: ${{ runner.os }}-composer- | |
| - name: Install Composer dependencies | |
| working-directory: ./htdocs | |
| run: composer install --no-progress --prefer-dist --optimize-autoloader | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22' | |
| - name: Cache node_modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.npm | |
| key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node- | |
| - name: Install npm dependencies | |
| working-directory: ./htdocs | |
| run: npm ci | |
| - name: Build assets | |
| working-directory: ./htdocs | |
| run: npm run build | |
| - name: Install NelmioApiDoc assets | |
| working-directory: ./htdocs | |
| run: php bin/console assets:install public --symlink --relative | |
| - name: Upload built assets | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: built-assets | |
| path: | | |
| public/build | |
| public/bundles | |
| #docker image | |
| - name: Log in to the Container registry | |
| uses: docker/[email protected] | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/[email protected] | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Get git tag | |
| id: get_tag | |
| run: echo "TAG=${GITHUB_REF##*/}" >> $GITHUB_ENV | |
| - name: Build and push Docker image | |
| id: push | |
| uses: docker/[email protected] | |
| with: | |
| context: . | |
| push: true | |
| pull: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| GIT_TAG=${{ env.TAG }} | |
| - name: Generate artifact attestation | |
| uses: actions/attest-build-provenance@v1 | |
| with: | |
| subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} | |
| subject-digest: ${{ steps.push.outputs.digest }} | |
| push-to-registry: true |