jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-01 18:05:46 -05:00
Code Issues Projects Releases Wiki Activity

Merge pull request #51711 from github/repo-sync

Browse Source 
Repo sync
This commit is contained in:
docs-bot
2024-07-18 11:35:14 -07:00
committed by GitHub
parent b24ffa997a 5381272e5f
commit 8bad2f9e78
3 changed files with 23 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
content/actions/publishing-packages/publishing-docker-images.md
View File

@@ -113,10 +113,15 @@ jobs:
push: true
tags: {% raw %}${{ steps.meta.outputs.tags }}{% endraw %}
labels: {% raw %}${{ steps.meta.outputs.labels }}{% endraw %}
{% ifversion artifact-attestations %}
{% data reusables.actions.artifact-attestations-step-for-container-images %}
{% endif %}
{% ifversion artifact-attestations %}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: {% raw %}${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}{% endraw %}
subject-digest: {% raw %}${{ steps.push.outputs.digest }}{% endraw %}
push-to-registry: true
{% endif -%}
```
The above workflow checks out the {% data variables.product.prodname_dotcom %} repository, uses the `login-action` to log in to the registry, and then uses the `build-push-action` action to: build a Docker image based on your repository's `Dockerfile`; push the image to Docker Hub, and apply a tag to the image.
@@ -222,9 +227,14 @@ jobs:
tags: {% raw %}${{ steps.meta.outputs.tags }}{% endraw %}
labels: {% raw %}${{ steps.meta.outputs.labels }}{% endraw %}
{% ifversion artifact-attestations %}
{% data reusables.actions.artifact-attestations-step-for-container-images %}
{% endif %}
{% ifversion artifact-attestations %}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: {% raw %}${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}{% endraw %}
subject-digest: {% raw %}${{ steps.push.outputs.digest }}{% endraw %}
push-to-registry: true
{% endif -%}
```
The above workflow checks out the {% data variables.product.product_name %} repository, uses the `login-action` twice to log in to both registries and generates tags and labels with the `metadata-action` action.

6
data/reusables/actions/artifact-attestations-step-for-container-images.md
View File

@@ -1,6 +0,0 @@
* name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: {% raw %}${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}{% endraw %}
subject-digest: {% raw %}${{ steps.push.outputs.digest }}{% endraw %}
push-to-registry: true

7
data/reusables/package_registry/publish-docker-image.md
View File

@@ -61,6 +61,11 @@ jobs:
labels: {% raw %}${{ steps.meta.outputs.labels }}{% endraw %}
{% ifversion artifact-attestations %}
# This step generates an artifact attestation for the image, which is an unforgeable statement about where and how it was built. It increases supply chain security for people who consume the image. For more information, see "[AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)."
{% data reusables.actions.artifact-attestations-step-for-container-images %}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: {% raw %}${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}{% endraw %}
subject-digest: {% raw %}${{ steps.push.outputs.digest }}{% endraw %}
push-to-registry: true
{% endif %}
```