From fbc230db1998aa85988765b59e13bff135abff45 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Thu, 12 Oct 2023 16:30:38 -0500 Subject: [PATCH] chore(ci): fixup CI (#390) Somehow #375 merged with very broken CI. This should fix the build at least. Not sure about the merge weirdness. Force merging because the build workflow is totally broken right now without this. --- .github/workflows/build.yml | 49 +++++++++---------------------------- 1 file changed, 11 insertions(+), 38 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0595aeeb..4743e4e9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -154,7 +154,7 @@ jobs: # Generate image metadata - name: Image Metadata uses: docker/metadata-action@v5 - id: meta-main + id: meta with: images: | ${{ env.IMAGE_NAME }} @@ -167,7 +167,7 @@ jobs: # Build image using Buildah action - name: Build Image - id: build_image-main + id: build_image uses: redhat-actions/buildah-build@v2 with: containerfiles: | @@ -179,7 +179,7 @@ jobs: IMAGE_NAME=${{ matrix.image_name }} SOURCE_IMAGE=${{ env.SOURCE_IMAGE }} FEDORA_MAJOR_VERSION=${{ matrix.major_version }} - labels: ${{ steps.meta-main.outputs.labels }} + labels: ${{ steps.meta.outputs.labels }} oci: false extra-args: | --target=${{ matrix.build_target }} @@ -192,33 +192,16 @@ jobs: with: string: ${{ env.IMAGE_REGISTRY }} - # Push the image to GHCR (Image Registry) - - name: Push Base To GHCR + - name: Push To GHCR uses: redhat-actions/push-to-registry@v2 - id: push-base + id: push if: github.event_name != 'pull_request' env: REGISTRY_USER: ${{ github.actor }} REGISTRY_PASSWORD: ${{ github.token }} with: - image: ${{ steps.build_image-base.outputs.image }} - tags: ${{ steps.build_image-base.outputs.tags }} - registry: ${{ steps.registry_case.outputs.lowercase }} - username: ${{ env.REGISTRY_USER }} - password: ${{ env.REGISTRY_PASSWORD }} - extra-args: | - --disable-content-trust - - - name: Push Main To GHCR - uses: redhat-actions/push-to-registry@v2 - id: push-main - if: github.event_name != 'pull_request' - env: - REGISTRY_USER: ${{ github.actor }} - REGISTRY_PASSWORD: ${{ github.token }} - with: - image: ${{ steps.build_image-main.outputs.image }} - tags: ${{ steps.build_image-main.outputs.tags }} + image: ${{ steps.build_image.outputs.image }} + tags: ${{ steps.build_image.outputs.tags }} registry: ${{ steps.registry_case.outputs.lowercase }} username: ${{ env.REGISTRY_USER }} password: ${{ env.REGISTRY_PASSWORD }} @@ -237,29 +220,19 @@ jobs: - uses: sigstore/cosign-installer@v3.1.2 if: github.event_name != 'pull_request' - - name: Sign Base container image - if: github.event_name != 'pull_request' - run: | - cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image-base.outputs.image }}@${TAGS} - env: - TAGS: ${{ steps.push-base.outputs.digest }} - COSIGN_EXPERIMENTAL: false - COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} - - - name: Sign Main container image + - name: Sign container image if: github.event_name != 'pull_request' run: | - cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image-main.outputs.image }}@${TAGS} + cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS} env: - TAGS: ${{ steps.push-main.outputs.digest }} + TAGS: ${{ steps.push.outputs.digest }} COSIGN_EXPERIMENTAL: false COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} - name: Echo outputs if: github.event_name != 'pull_request' run: | - echo "${{ toJSON(steps.push-base.outputs) }}" - echo "${{ toJSON(steps.push-main.outputs) }}" + echo "${{ toJSON(steps.push.outputs) }}" check: name: Check all builds successful