diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml
index 673d4ee..d7c6638 100644
--- a/.github/workflows/docker_publish.yml
+++ b/.github/workflows/docker_publish.yml
@@ -55,6 +55,7 @@ jobs:
 run: |
 echo "desired_version=$(cat ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yml | yq '.version')" >> "$GITHUB_OUTPUT"
 echo "platforms=$(cat ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yml | yq '.platforms | join(",")')" >> "$GITHUB_OUTPUT"
+ echo "description=$(cat ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yml | yq '.description')" >> "$GITHUB_OUTPUT"
 - name: Check Image to Build Does Not Already Exist
 run: |
 if docker manifest inspect ${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}:${{ steps.extract_from_config_yaml.outputs.desired_version }} > /dev/null; then
@@ -71,11 +72,23 @@ jobs:
 - name: Get Docker Metadata
 id: meta
 uses: docker/metadata-action@v5
+ env:
+ DOCKER_METADATA_PR_HEAD_SHA: true
 with:
 images: ${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}
 tags: |
 type=semver,pattern={{version}},value=v${{ steps.calculate_version.outputs.version }}
- type=sha
+ type=sha,prefix=
+ labels: |
+ org.opencontainers.image.title=${{ matrix.changed_dir }}
+ org.opencontainers.image.description=${{ steps.extract_from_config_yaml.outputs.description }}
+ org.opencontainers.image.vendor=Apollo GraphQL
+ org.opencontainers.image.licenses=MIT
+ annotations: |
+ org.opencontainers.image.title=${{ matrix.changed_dir }}
+ org.opencontainers.image.description=${{ steps.extract_from_config_yaml.outputs.description }}
+ org.opencontainers.image.vendor=Apollo GraphQL
+ org.opencontainers.image.licenses=MIT
 - name: Build and Push Docker image
 id: push
 uses: docker/build-push-action@v6
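Review bot: The added `description=` line (hunk -55,6) writes free text from config.yml into `$GITHUB_OUTPUT` with a plain `echo`, so a description containing a newline would land as extra `name=value` lines in the output file. The same value is later expanded into the newline-separated `labels` and `annotations` inputs of the metadata step (hunk -71,11), where it would become extra label entries. I would check that the value is a single line before writing it and fail the step otherwise. The new line also repeats the existing pattern of expanding `${{ matrix.changed_dir }}` inside the `run:` script; passing it through the step's `env:` (`CHANGED_DIR: ${{ matrix.changed_dir }}`) and reading `"$CHANGED_DIR"` keeps a directory name from being parsed as shell. The step's `name`/`id` lines are outside the hunk.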
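Review bot: In hunk -71,11, `type=sha,prefix=` drops the `sha-` prefix, so the tag is a bare short commit hash, and with `DOCKER_METADATA_PR_HEAD_SHA: true` that hash is the pull request's head commit. If this job pushes on pull_request events (the `push: true` and the `github.event_name` checks in the following hunk suggest it does), an image built from unmerged code is published under a tag that looks the same as one built from the default branch. Consider a distinguishing prefix for PR builds, e.g. `type=sha,prefix=pr-,enable=${{ github.event_name == 'pull_request' }}`, with the unprefixed entry enabled only on the opposite condition. A comment above `tags:` noting that these tags are mutable and that consumers should pin by digest would also help.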
@@ -84,22 +97,18 @@ jobs:
 file: ${{ github.workspace }}/${{ matrix.changed_dir }}/Dockerfile
 push: true
 tags: ${{ steps.meta.outputs.tags }}
+ annotations: ${{ steps.meta.outputs.annotations }}
 labels: ${{ steps.meta.outputs.labels }}
 platforms: ${{ steps.extract_from_config_yaml.outputs.platforms }}
- - name: Generate artifact attestation
- uses: actions/attest-build-provenance@v1
- with:
- subject-name: ${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}
- subject-digest: ${{ steps.push.outputs.digest }}
- push-to-registry: true
 - name: Create Git Tag
- if: ${{ github.event_name != 'pull_request' }}
 uses: mathieudutour/github-tag-action@v6.2
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 default_bump: false
 default_prerelease_bump: false
 custom_tag: ${{ matrix.changed_dir }}/v${{ steps.calculate_version.outputs.version }}
+ dry_run: ${{ github.event_name == 'pull_request' }}
+ tag_prefix: ""
 - name: Create GitHub Release
 if: ${{ github.event_name != 'pull_request' }}
 uses: comnoco/create-release-action@v2.0.5
diff --git a/binary-builder-glibc/config.yml b/binary-builder-glibc/config.yml
index ec23d6d..bc6b6ca 100644
--- a/binary-builder-glibc/config.yml
+++ b/binary-builder-glibc/config.yml
@@ -1,4 +1,5 @@
 version: 0.1.0
+description: Builder image for Rust binaries that must be built with glibc 2.28
 platforms:
 - linux/arm64
 - linux/amd64
\ No newline at end of file
diff --git a/binary-builder-musl/config.yml b/binary-builder-musl/config.yml
index ec23d6d..640bcee 100644
--- a/binary-builder-musl/config.yml
+++ b/binary-builder-musl/config.yml
@@ -1,4 +1,5 @@
 version: 0.1.0
+description: Builder image for Rust binaries that must be built with musl
 platforms:
 - linux/arm64
 - linux/amd64
\ No newline at end of file
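Review bot: In the docker_publish.yml hunk at -84,22, once the `actions/attest-build-provenance` step is removed, nothing visible in the workflow records a signed link between the pushed digest and the run that built it. If the step was dropped because it failed on pull requests, gating it with `if: ${{ github.event_name != 'pull_request' }}` would keep provenance for release builds. Alternatively, set `provenance: mode=max` explicitly on the build-push step rather than relying on its default. Separately, `Create Git Tag` now runs on pull requests as well and hands `secrets.GITHUB_TOKEN` to `mathieudutour/github-tag-action@v6.2`, which is a mutable tag; pinning it as `uses: mathieudutour/github-tag-action@<full-commit-sha>` limits what a retagged release of that action could do with the token. The job's `permissions:` block and trigger list are outside the hunk, so the token's scope on PR runs should be confirmed there.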