Skip to content
ci

Merge pull request #155 from crazy-max/update-github-builder #372

Sign in to view logs

Merge pull request #155 from crazy-max/update-github-builder

Merge pull request #155 from crazy-max/update-github-builder #372

Workflow file for this run

.github/workflows/ci.yaml at b31cdcb
name: ci
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on:
workflow_dispatch:
push:
branches:
- 'master'
tags:
- 'v*'
pull_request:
env:
DOCKERHUB_SLUG: docker/buildkit-syft-scanner
BUILDX_VERSION: latest
BUILDKIT_IMAGE: moby/buildkit:latest
jobs:
build-prepare:
runs-on: ubuntu-24.04
outputs:
repo-slug: ${{ env.DOCKERHUB_SLUG }}
steps:
# FIXME: can't use env object in reusable workflow inputs: https://github.com/orgs/community/discussions/26671
- run: echo "Exposing env vars for reusable workflow"
build:
uses: docker/github-builder/.github/workflows/bake.yml@v1
needs:
- build-prepare
permissions:
contents: read # same as global permission
id-token: write # for signing attestation(s) with GitHub OIDC Token
with:
setup-qemu: true
target: image-all
cache: true
cache-scope: image
output: image
push: ${{ github.event_name != 'pull_request' }}
sbom: true
set-meta-labels: true
meta-images: |
${{ needs.build-prepare.outputs.repo-slug }}
meta-tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=ref,event=pr
type=edge
meta-annotations: |
org.opencontainers.image.title=BuildKit Syft scanner
org.opencontainers.image.description=SBOM generation for BuildKit images
org.opencontainers.image.vendor=Docker Inc.
meta-bake-target: meta-helper
secrets:
registry-auths: |
- registry: docker.io
username: ${{ vars.DOCKERPUBLICBOT_USERNAME }}
password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }}
dockerhub-readme:
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
needs:
- build
steps:
-
name: Checkout
uses: actions/checkout@v6
-
name: Update repo description
uses: peter-evans/dockerhub-description@v5
with:
username: ${{ vars.DOCKERPUBLICBOT_USERNAME }}
password: ${{ secrets.DOCKERPUBLICBOT_DELETE_PAT }}
repository: ${{ env.DOCKERHUB_SLUG }}