added new Cerner Logos + HCA logo. #317
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker | |
on: | |
push: | |
branches: [ main, beta ] | |
# Publish semver tags as releases. | |
release: | |
types: [published] | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
docker: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
id-token: write | |
strategy: | |
matrix: | |
flavor: [main, sandbox] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- name: "Populate frontend version information" | |
run: "cd frontend && ./git.version.sh" | |
- name: Set up depot.dev multi-arch runner | |
uses: depot/setup-action@v1 | |
# Login against a Docker registry except on PR | |
# https://github.com/docker/login-action | |
- name: Log into registry ${{ env.REGISTRY }} | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# Extract metadata (tags, labels) for Docker | |
# https://github.com/docker/metadata-action | |
- name: Extract Docker metadata | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
flavor: | | |
# only latest if push has a tag and we're building the "main" flavor | |
latest=${{ github.event_name == 'release' && matrix.flavor == 'main' && github.ref_type == 'tag' }} | |
tags: | | |
# if this is a tag'd build, prefix it with the flavor (eg. main-v1.2.3 and sandbox-v1.2.3) | |
type=ref,event=tag,prefix=${{ matrix.flavor }}- | |
# if this is a main branch build, just tag it with the flavor (eg. main and sandbox) | |
type=raw,value=${{ matrix.flavor }},enable=${{ github.ref_name == 'main' }} | |
# if this is a (non main) branch build, tag it with the flavor and branch name (eg. main-branch and sandbox-branch) | |
type=ref,event=branch,prefix=${{ matrix.flavor }}-,enable=${{ github.ref_name != 'main' }} | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
# Build and push Docker image with Buildx (don't push on PR) | |
# https://github.com/docker/build-push-action | |
- name: Build and push Docker image | |
uses: depot/build-push-action@v1 | |
with: | |
project: vhwr5r7tw1 | |
# platforms: linux/amd64,linux/arm64,linux/arm/v7 | |
platforms: linux/amd64,linux/arm64 | |
context: . | |
file: Dockerfile | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
build-args: | | |
FASTEN_ENV=${{ matrix.flavor == 'sandbox' && 'sandbox' || 'prod' }} | |
# sbom: true | |
# sbom-dir: ./sbom-output | |
# - name: upload SBOM directory as a build artifact | |
# uses: actions/[email protected] | |
# with: | |
# path: ./sbom-output | |
# name: 'SBOM' | |
# | |
# - name: upload spdx dependency | |
# uses: advanced-security/[email protected] | |
# with: | |
# filePath: ./sbom-output/ |