infra: image: protect :latest tag so only the default branch can push to it
infra: image: fix hard coded image name
This commit is contained in:
@@ -16,6 +16,13 @@ jobs:
|
|||||||
id: image-changes
|
id: image-changes
|
||||||
run: |
|
run: |
|
||||||
echo "branch_name=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITEA_OUTPUT
|
echo "branch_name=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITEA_OUTPUT
|
||||||
|
|
||||||
|
if [[ "${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" == "${{ gitea.event.repository.default_branch }}" ]]; then
|
||||||
|
echo "image_tag=latest"
|
||||||
|
else
|
||||||
|
echo "image_tag=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}"
|
||||||
|
fi
|
||||||
|
|
||||||
if ! git diff ${{ gitea.event.before }} ${{ gitea.sha }} --no-patch --exit-code .docker; then
|
if ! git diff ${{ gitea.event.before }} ${{ gitea.sha }} --no-patch --exit-code .docker; then
|
||||||
echo changes_detected=true >> $GITEA_OUTPUT
|
echo changes_detected=true >> $GITEA_OUTPUT
|
||||||
else
|
else
|
||||||
@@ -39,13 +46,13 @@ jobs:
|
|||||||
uses: docker/build-push-action@v6
|
uses: docker/build-push-action@v6
|
||||||
with:
|
with:
|
||||||
push: true
|
push: true
|
||||||
tags: git.epenguin.net/${{ gitea.repository }}:latest
|
tags: git.epenguin.net/${{ gitea.repository }}:${{ steps.image-changes.outputs.image_tag }}
|
||||||
context: "{{defaultContext}}:.docker"
|
context: "{{defaultContext}}:.docker"
|
||||||
|
|
||||||
build:
|
build:
|
||||||
runs-on: brutalisk
|
runs-on: brutalisk
|
||||||
container:
|
container:
|
||||||
image: git.epenguin.net/gentoo-utils/gentoo-utils-gitea:latest
|
image: git.epenguin.net/${{ gitea.repository }}:${{ steps.image-changes.outputs.image_tag }}
|
||||||
needs: build-oci-image
|
needs: build-oci-image
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repo
|
- name: Checkout repo
|
||||||
|
|||||||
Reference in New Issue
Block a user