BCCDC-PHL · dfornika · Aug 26, 2024 · Aug 23, 2024 · Aug 23, 2024 · Aug 26, 2024
diff --git a/.github/workflows/build_and_publish_image.yml b/.github/workflows/build_and_publish_image.yml
@@ -1,3 +1,4 @@
+# https://docs.github.com/en/actions/use-cases-and-examples/publishing-packages/publishing-docker-images
 name: Build and Publish Image
 
 # Configures this workflow to run every time a change is pushed to the branch called `release`.
@@ -8,7 +9,7 @@ on:
 # Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds.
 env:
   REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}
+  IMAGE_NAME: bccdc-phl/auspice
 
 jobs:
   build-and-publish-image:
@@ -25,7 +26,7 @@ jobs:
       # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that
       # will publish the packages. Once published, the packages are scoped to the account defined here.
       - name: Log in to the Container registry
-        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -35,7 +36,7 @@ jobs:
       # a subsequent step. The `images` value provides the base name for the tags and labels.
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
       # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
@@ -44,13 +45,12 @@ jobs:
       # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
       - name: Build and push Docker image
         id: push
-        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-
       # This step generates an artifact attestation for the image, which is an unforgeable statement about where and how it was built.
       # It increases supply chain security for people who consume the image. For more information,
       # see "[Using artifact attestations to establish provenance for builds](https://docs.github.com/en/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)." 

diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,7 @@
 FROM node:16-slim
 
+ARG AUSPICE_VERSION="v2.56.1"
+
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates \
     git
@@ -8,7 +10,7 @@ COPY scripts /scripts
 
 WORKDIR /nextstrain/auspice
 
-RUN /scripts/download-repo https://github.com/BCCDC-PHL/auspice release . \
+RUN /scripts/download-repo https://github.com/BCCDC-PHL/auspice ${AUSPICE_VERSION} . \
     && npm install --omit dev . && npm link
 
 ENV HOST=0.0.0.0