Josh Knapp
8b74cd5a4e
Adds a second registry login + tag to both build-push workflows so each build publishes to ghcr.io alongside the in-house Gitea registry. Single build, two destinations — docker/build-push-action handles the multi-tag push in one step. Requires Gitea Actions secret GHCR_TOKEN (a classic PAT with write:packages on the shadowdao user). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
55 lines
1.6 KiB
YAML
55 lines
1.6 KiB
YAML
name: Build and push coraza-spoa
|
|
run-name: ${{ gitea.actor }} pushed a change to coraza-spoa/
|
|
|
|
# Triggers only on changes to the coraza-spoa subdirectory or this workflow
|
|
# file itself — keeps the main haproxy-manager-base build and the coraza-spoa
|
|
# build independent. workflow_dispatch lets us trigger manually after bumping
|
|
# the upstream coraza-spoa version pin.
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- 'coraza-spoa/**'
|
|
- '.gitea/workflows/build-push-coraza.yaml'
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
Build-and-Push:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: https://github.com/docker/setup-buildx-action@v3
|
|
|
|
- name: Login to Gitea
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: repo.anhonesthost.net
|
|
username: ${{ secrets.CI_USER }}
|
|
password: ${{ secrets.CI_TOKEN }}
|
|
|
|
# Mirror to GitHub Container Registry — see build-push.yaml for the
|
|
# secret/username convention.
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: shadowdao
|
|
password: ${{ secrets.GHCR_TOKEN }}
|
|
|
|
- name: Build Image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: ./coraza-spoa
|
|
platforms: linux/amd64
|
|
push: true
|
|
tags: |
|
|
repo.anhonesthost.net/cloud-hosting-platform/coraza-spoa:latest
|
|
ghcr.io/shadowdao/coraza-spoa:latest
|