add permissions for token #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Copy Docker Images | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - personal-* | |
| env: | |
| DOCKER_REPO: "sarathchandra24" | |
| DOCKER_IMAGE: "fluent-operator" | |
| GITHUB_IMAGE: "${{ github.repository }}/fluent-operator" | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| copy_images: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: docker metadata | |
| id: image-metadata | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: "ghcr.io/${{ env.GITHUB_IMAGE }}" | |
| tags: | | |
| raw,latest | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=ref,event=tag | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| - name: docker metadata | |
| id: release-metadata | |
| uses: docker/metadata-action@v5 | |
| with: | |
| tags: | | |
| raw,latest | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=ref,event=tag | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| - name: Install Skopeo | |
| run: sudo apt-get update && sudo apt-get install -y skopeo | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and Push Image for Fluent Bit | |
| id: docker-build | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./cmd/fluent-manager/Dockerfile | |
| push: true | |
| platforms: linux/amd64,linux/arm64 | |
| tags: ${{ steps.image-metadata.outputs.tags }} | |
| labels: ${{ steps.image-metadata.outputs.labels }} | |
| - name: Copy images | |
| run: | | |
| # Define your source and destination repositories | |
| DEST_REPO="docker.io/username/repository" | |
| # Define your credentials | |
| SRC_CREDS="username:token" | |
| DEST_CREDS="username:password" | |
| # Get the list of tags from metadata action output | |
| TAGS=$(echo "${{ steps.release-metadata.outputs.tags }}") | |
| # Convert the string of tags to an array | |
| IFS=',' read -ra TAGS_ARRAY <<< "$TAGS" | |
| # Loop through each tag and copy the image | |
| for tag in "${TAGS_ARRAY[@]}"; do | |
| skopeo copy --src-creds=$SOURCE_CREDS --dest-creds=$RELEASE_CREDS \ | |
| "docker://$SOURCE_IMAGE:$tag" \ | |
| "docker://$RELEASE_IMAGE:$tag" | |
| done | |
| env: | |
| SOURCE_IMAGE: "ghcr.io/${{env.GITHUB_IMAGE}}" | |
| RELEASE_IMAGE: "docker.io/${{env.DOCKER_REPO}}/${{ env.DOCKER_IMAGE }}" | |
| RELEASE_CREDS: "${{ secrets.REGISTRY_USER }}:${{ secrets.REGISTRY_PASSWORD}}" | |
| SOURCE_CREDS: "${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}" |