diff --git a/.github/workflows/docker-dev.yml b/.github/workflows/docker-dev.yml index 1b711143..5b272f45 100644 --- a/.github/workflows/docker-dev.yml +++ b/.github/workflows/docker-dev.yml @@ -120,17 +120,18 @@ jobs: retention-days: 1 merge: - if: ${{ !env.ACT }} runs-on: ubuntu-latest needs: [version-bump, build] steps: - uses: actions/checkout@v4 + if: ${{ !env.ACT }} with: ref: ${{ needs.version-bump.outputs.sha }} fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - name: Download build digests + if: ${{ !env.ACT }} uses: actions/download-artifact@v4 with: path: /tmp/digests @@ -138,13 +139,16 @@ jobs: merge-multiple: true - uses: docker/setup-buildx-action@v3 + if: ${{ !env.ACT }} - uses: docker/login-action@v3 + if: ${{ !env.ACT }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Create and push multi-arch manifest + if: ${{ !env.ACT }} working-directory: /tmp/digests run: | VERSION="${{ needs.version-bump.outputs.version }}" @@ -157,9 +161,11 @@ jobs: "${digests[@]}" - name: Inspect manifest + if: ${{ !env.ACT }} run: docker buildx imagetools inspect mauriceboe/trek:latest-pre - name: Push git tag + if: ${{ !env.ACT }} run: | VERSION="${{ needs.version-bump.outputs.version }}" git config user.name "github-actions[bot]" @@ -168,6 +174,7 @@ jobs: git push origin "v$VERSION" - name: Clean up old prerelease tags + if: ${{ !env.ACT }} env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 19c42276..67448eaa 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -174,15 +174,16 @@ jobs: retention-days: 1 merge: - if: ${{ !env.ACT }} runs-on: ubuntu-latest needs: [version-bump, build] steps: - uses: actions/checkout@v4 + if: ${{ !env.ACT }} with: ref: main - name: Download build digests + if: ${{ !env.ACT }} uses: actions/download-artifact@v4 with: path: /tmp/digests @@ -190,13 +191,16 @@ jobs: merge-multiple: true - uses: docker/setup-buildx-action@v3 + if: ${{ !env.ACT }} - uses: docker/login-action@v3 + if: ${{ !env.ACT }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Create and push multi-arch manifest + if: ${{ !env.ACT }} working-directory: /tmp/digests run: | VERSION="${{ needs.version-bump.outputs.version }}" @@ -209,19 +213,21 @@ jobs: "${digests[@]}" - name: Inspect manifest + if: ${{ !env.ACT }} run: docker buildx imagetools inspect mauriceboe/trek:latest release-helm: - if: ${{ !env.ACT }} runs-on: ubuntu-latest needs: version-bump steps: - name: Checkout + if: ${{ !env.ACT }} uses: actions/checkout@v4 with: ref: main - name: Publish Helm chart + if: ${{ !env.ACT }} uses: stefanprodan/helm-gh-pages@v1.7.0 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 9cc8577d..2cad31f9 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -25,11 +25,13 @@ jobs: tags: trek:scan - uses: docker/login-action@v3 + if: ${{ !env.ACT }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - uses: docker/scout-action@v1 + if: ${{ !env.ACT }} with: command: cves image: trek:scan