Skip to content

Automatic permissions from AD groups #4749

Automatic permissions from AD groups

Automatic permissions from AD groups #4749

Workflow file for this run

name: "Build"
on:
push:
branches:
- main
tags:
- "v*"
pull_request:
workflow_dispatch:
repository_dispatch:
types:
- fast-forward
# Cancel a workflow from the same PR, branch or tag when a new workflow is triggered.
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
REGISTRY: "ghcr.io"
jobs:
build-and-push:
name: "Build and push Docker images to GitHub Packages"
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: "Checkout code"
uses: actions/checkout@v4
- name: "Set up Docker Buildx"
uses: docker/setup-buildx-action@v3
- name: "Log in to the Container registry"
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Repository name needs to be lowercase
- name: "Create repository name"
id: repo
run: >-
echo "repo=$(
echo ${{ env.REGISTRY }}/${{ github.repository }} | tr '[:upper:]' '[:lower:]'
)" >> $GITHUB_OUTPUT
- name: "Extract metadata (tags, labels) for Docker"
id: meta
uses: docker/metadata-action@v5
env:
DOCKER_METADATA_PR_HEAD_SHA: true
with:
images: ${{ steps.repo.outputs.repo }}
tags: |
type=ref,event=tag,priority=3
type=sha,prefix=,priority=2
type=ref,event=branch,priority=1
labels: |
org.opencontainers.image.title=Tilavarauspalvelu Core
org.opencontainers.image.description=Tilavarauspalvelu backend ${{ github.ref_name }}.
org.opencontainers.image.version=${{ github.ref_name }}
- name: "Build backend container"
uses: docker/build-push-action@v6
with:
context: .
file: docker/Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
# Use a shared cache to speed up builds
cache-from: type=registry,ref=${{ steps.repo.outputs.repo }}:cache
cache-to: type=registry,ref=${{ steps.repo.outputs.repo }}:cache,mode=max