Skip to content
Multiplatform Build with Cross Compiling

Update README #61

Sign in to view logs

Update README

Update README #61

Workflow file for this run

.github/workflows/build-and-push-cross.yaml at 857d51a
name: Multiplatform Build with Cross Compiling
on:
push:
jobs:
docker:
permissions: # needed for signing and attestations
id-token: write # write seems weird, but it is correct per docs
attestations: write
contents: read
runs-on: ubuntu-latest
steps:
-
name: Install Cosign
uses: sigstore/cosign-installer@1aa8e0f2454b781fbf0fbf306a4c9533a0c57409 # v3.7.0
-
name: Set up QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3
-
name: Login to Docker Hub
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
username: ${{ vars.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5
with:
images: |
amouat/images-bite-back-cross
labels: |
org.opencontainers.image.description=Images Bite Back Demo Cross Compile
-
name: Build and push
id: build
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6
with:
file: cross.Dockerfile
platforms: linux/amd64,linux/arm64
push: true
sbom: true
provenance: mode=max
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
-
name: Attest
uses: actions/attest-build-provenance@92c65d2898f1f53cfdc910b962cecff86e7f8fcc # v1
id: attest
with:
subject-name: index.docker.io/${{ vars.DOCKERHUB_USER }}/images-bite-back-cross
subject-digest: ${{ steps.build.outputs.digest }}
push-to-registry: true
-
name: Sign the images with GitHub OIDC Token
env:
DIGEST: ${{ steps.build.outputs.digest }}
TAGS: ${{ steps.meta.outputs.tags }}
run: |
images=""
for tag in ${TAGS}; do
images+="${tag}@${DIGEST} "
done
cosign sign --yes ${images}