Skip to content

Bump docker/setup-qemu-action from 2 to 3 #91

Bump docker/setup-qemu-action from 2 to 3

Bump docker/setup-qemu-action from 2 to 3 #91

Workflow file for this run

name: preview
on:
# pull_request_target を使うにあたって https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ の一読を推奨
pull_request_target:
permissions:
packages: write
env:
IMAGE_NAME: traq-ui
jobs:
build-preview-image:
name: Build Preview Image
runs-on: ubuntu-latest
steps:
- name: Set PR_NUMBER env
run: echo "PR_NUMBER=${{ github.event.number }}" >> $GITHUB_ENV
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Builder instance name
run: echo ${{ steps.buildx.outputs.name }}
- name: Available platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: traptitech
password: ${{ secrets.GITHUB_TOKEN }}
# 隔離された環境でビルドを行い、write perm付きトークンをユーザーのコードに与えないよう注意すること
- name: Build
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
# NOTE: once https://github.com/argoproj/argo-cd/pull/13199 is released we can use short sha
tags: ghcr.io/traptitech/${{ env.IMAGE_NAME }}:preview-${{ env.PR_NUMBER }}-${{ github.event.pull_request.head.sha }}
cache-from: type=registry,ref=ghcr.io/traptitech/${{ env.IMAGE_NAME }}:buildcache