name: Publish test-ubuntu-git Container on: # Use an on demand workflow trigger. # (Forked copies of actions/checkout won't have permission to update GHCR.io/actions, # so avoid trigger events that run automatically.) workflow_dispatch: inputs: publish: description: 'Publish to ghcr.io? (main branch only)' type: boolean required: true default: false env: REGISTRY: ghcr.io IMAGE_NAME: actions/test-ubuntu-git jobs: build-and-push-image: runs-on: ubuntu-latest # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. permissions: contents: read packages: write steps: - name: Checkout repository uses: actions/checkout@v4 # Use `docker/login-action` to log in to GHCR.io. # Once published, the packages are scoped to the account defined here. - name: Log in to the ghcr.io container registry uses: docker/login-action@v3.0.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Format Timestamp id: timestamp # Use `date` with a custom format to achieve the key=value format GITHUB_OUTPUT expects. run: date -u "+now=%Y%m%d.%H%M%S.%3NZ" >> "$GITHUB_OUTPUT" # Use `docker/build-push-action` to build (and optionally publish) the image. - name: Build and push Docker image uses: docker/build-push-action@v5.1.0 with: context: . file: images/test-ubuntu-git.Dockerfile # For now, attempts to push to ghcr.io must target the `main` branch. # In the future, consider also allowing attempts from `releases/*` branches. push: ${{ inputs.publish && github.ref_name == 'main' }} tags: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}.${{ steps.timestamp.outputs.now }}