Test #23

Workflow file for this run

	name: Publish Docker image

	on:
	release:
	types: [published]

	jobs:
	push_to_registry:
	name: Push Docker image to Docker Hub
	runs-on: ubuntu-latest
	permissions:
	packages: write
	contents: read
	attestations: write
	id-token: write
	steps:
	- name: Check out the repo
	uses: actions/checkout@v4

	- name: Log in to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_USERNAME }}
	password: ${{ secrets.DOCKER_PASSWORD }}

	- name: Extract metadata (tags, labels) for Docker
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: xrv40005/python-demo

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Build and push Docker image
	id: push
	uses: docker/build-push-action@v6
	with:
	context: .
	file: ./Dockerfile
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	outputs: type=docker,dest=/tmp/python-demo.tar

	# - name: Export Docker image
	# uses: docker/build-push-action@v6
	# with:
	# context: .
	# file: ./Dockerfile
	# outputs: type=docker,dest=/tmp/python-demo.tar

	- name: Deepbits SBOM Action
	uses: ./.github/deepbits
	id: deepbits
	with:
	apiKey: ${{ secrets.API_KEY }}
	path: /tmp/python-demo.tar
	project: 667d97a2fad9fb62a091c43c

	- name: Generate SBOM Attestation
	uses: actions/attest-sbom@v1
	with:
	subject-digest: ${{ steps.push.outputs.digest }}
	subject-name: index.docker.io/xrv40005/python-demo
	sbom-path: ${{ steps.deepbits.outputs.bomPath }}
	push-to-registry: true

	- name: Generate artifact attestation
	uses: actions/attest-build-provenance@v1
	with:
	subject-name: index.docker.io/xrv40005/python-demo
	subject-digest: ${{ steps.push.outputs.digest }}
	push-to-registry: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Test #23

Workflow file

Test #23

Jobs

Run details

Workflow file for this run