Skip to content

Build container

Build container #30

Workflow file for this run

name: Build container
on:
workflow_dispatch: # build on demand
release:
types: [published] # build on release
schedule:
- cron: "45 4 * * 3" # 4:45am on Wednesday UTC
jobs:
build-jekyll:
runs-on: ubuntu-latest # use the GitHub hosted runners
permissions:
packages: write # for uploading the finished container
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
id-token: write # to complete the identity challenge with sigstore/fulcio when running outside of PRs
attestations: write # to create the attestations for the container
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: ghcr.io
- name: Build and push
id: push
uses: docker/build-push-action@v6
with:
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/some-natalie/jekyll-in-a-can:latest
- name: Attest the build
uses: actions/attest-build-provenance@v1
id: attest
with:
subject-name: ghcr.io/some-natalie/jekyll-in-a-can
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true