mirror of
https://gh.wpcy.net/https://github.com/fairpm/server.git
synced 2026-06-20 03:02:27 +08:00
45 lines
1.3 KiB
YAML
45 lines
1.3 KiB
YAML
name: Build and push container
|
|
|
|
on:
|
|
push:
|
|
tags: [ 'v*' ]
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-24.04-arm
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
|
|
steps:
|
|
- name: Harden the runner (Audit all outbound calls)
|
|
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Checkout repository
|
|
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
|
|
|
- name: Build and push
|
|
run: bin/build-and-push
|
|
env:
|
|
DOCKERFILE: docker/fairpm-wordpress/Dockerfile
|
|
IMAGE_NAME: ${{ github.repository }}
|
|
TAG: ${{ github.event.release.tag_name }}
|
|
REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build Summary
|
|
if: always()
|
|
run: |
|
|
echo "## Build Summary" >> $GITHUB_STEP_SUMMARY
|
|
echo "- Commit: ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY
|
|
echo "- Branch: ${{ github.ref_name }}" >> $GITHUB_STEP_SUMMARY
|
|
echo "- Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
|
|
|
|
- name: Upload build artifacts
|
|
if: failure()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: build-logs
|
|
path: /tmp/fairserver-build/
|
|
retention-days: 7
|
