on: release: types: [published] name: release jobs: release: name: release runs-on: ubuntu-latest env: # Use docker.io for Docker Hub if empty REGISTRY: ghcr.io # github.repository as / IMAGE_NAME: ${{ github.repository }} permissions: contents: write packages: write steps: - name: Get release id: get_release uses: bruceadams/get-release@v1.3.2 env: GITHUB_TOKEN: ${{ github.token }} - name: Checkout repo uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Go uses: actions/setup-go@v5 with: go-version: ^1.21 - name: Build binaries run: go build ./cmd/certspotter/ -o certspotter -ldflags "-s -w" -v . env: CGO_ENABLED: 0 - name: Get release from tag run: echo ::set-output name=RELEASE_VERSION::$(echo ${GITHUB_REF:11}) id: versioner - name: Upload certspotter uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.get_release.outputs.upload_url }} asset_path: ./certspotter asset_name: certspotter asset_content_type: application/octet-stream - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@v3 - name: Log into registry ${{ env.REGISTRY }} if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract Docker metadata id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=schedule type=ref,event=branch type=ref,event=tag type=ref,event=pr - name: Build and push uses: docker/build-push-action@v5 with: context: . push: ${{ github.event_name != 'pull_request' && github.event_name != 'merge_group' && github.actor != 'renovate[bot]'}} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }}