name: Build container image
on: workflow_dispatch
env:
REGISTRY_USER: ${{ github.actor }}
REGISTRY_PASSWORD: ${{ github.token }}
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
jobs:
build-push-image:
runs-on: ubuntu-latest
timeout-minutes: 800
permissions:
id-token: write
contents: read
packages: write
attestations: write
name: Build and push container/Linux
steps:
- name: Install qemu
run: sudo apt-get update && sudo apt-get install qemu-user-static
- name: Checkout sources
uses: actions/checkout@v6
- name: Log in to ghcr.io
uses: redhat-actions/podman-login@v1
with:
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
registry: ${{ env.IMAGE_REGISTRY }}
- name: Build container images with podman
id: build-image
run: |
podman manifest create dash-mpd-cli
buildah build -f etc/Containerfile_linux_amd64 --platform linux/amd64 --tag dash-mpd-cli-linux-amd64 --manifest dash-mpd-cli .
buildah build -f etc/Containerfile_linux_aarch64 --platform linux/arm64 --tag dash-mpd-cli-linux-aarch64 --manifest dash-mpd-cli .
buildah build -f etc/Containerfile_linux_armv7 --platform linux/arm/v7 --tag dash-mpd-cli-linux-armv7 --manifest dash-mpd-cli .
buildah build -f etc/Containerfile_linux_riscv64 --platform linux/riscv64 --tag dash-mpd-cli-linux-riscv64 --manifest dash-mpd-cli .
- name: Push container image
id: push-to-registry
uses: redhat-actions/push-to-registry@v2
with:
image: dash-mpd-cli
tags: latest
registry: ${{ env.IMAGE_REGISTRY }}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v3
with:
subject-name: 'ghcr.io/emarsden/dash-mpd-cli'
subject-digest: ${{ steps.push-to-registry.outputs.digest }}
push-to-registry: true