3636 permissions :
3737 contents : write
3838 packages : write
39+ id-token : write
40+ attestations : write
3941
4042 steps :
4143 - name : Checkout repository
@@ -87,34 +89,47 @@ jobs:
8789 - name : Set up Docker Buildx
8890 uses : docker/setup-buildx-action@v4.0.0
8991
90- - name : Set image name
91- id : image
92- run : echo "name=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT"
93-
9492 - name : Build and push Docker image to GitHub Container Registry
93+ id : push
9594 uses : docker/build-push-action@v7.1.0
9695 with :
9796 context : .
9897 push : true
9998 platforms : linux/amd64,linux/arm64
100- provenance : false
99+ provenance : mode=max
101100 cache-from : type=gha
102101 cache-to : type=gha,mode=max
103102 tags : |
104- ghcr.io/${{ steps.image.outputs.name }}:latest
105- ghcr.io/${{ steps.image.outputs.name }}:${{ steps.tag.outputs.semver }}
106- ghcr.io/${{ steps.image.outputs.name }}:${{ steps.tag.outputs.club }}
103+ ghcr.io/${{ github.repository }}:latest
104+ ghcr.io/${{ github.repository }}:${{ steps.tag.outputs.semver }}
105+ ghcr.io/${{ github.repository }}:${{ steps.tag.outputs.club }}
106+
107+ name : Attest build provenance
108+ uses : actions/attest-build-provenance@v4.1.0
109+ with :
110+ subject-name : ghcr.io/${{ github.repository }}
111+ subject-digest : ${{ steps.push.outputs.digest }}
112+ push-to-registry : true
107113
108114 - name : Generate changelog
109115 id : changelog
110116 run : |
111117 CURRENT_TAG="${GITHUB_REF#refs/tags/}"
112118 PREVIOUS_TAG=$(git tag --sort=-version:refname | grep -Fxv "$CURRENT_TAG" | head -n 1)
113119 if [ -n "$PREVIOUS_TAG" ]; then
114- CHANGELOG=$(git log "$PREVIOUS_TAG"..HEAD --pretty=format:"- %s" --no-merges)
120+ CHANGELOG=$(git log "$PREVIOUS_TAG"..HEAD --pretty=format:"- %s (%h) " --no-merges)
115121 else
116- CHANGELOG=$(git log --pretty=format:"- %s" --no-merges)
122+ CHANGELOG=$(git log --pretty=format:"- %s (%h)" --no-merges)
123+ fi
124+
125+ if [ -z "$CHANGELOG" ]; then
126+ if [ -n "$PREVIOUS_TAG" ]; then
127+ CHANGELOG="No new changes since $PREVIOUS_TAG"
128+ else
129+ CHANGELOG="No changes (first release)"
130+ fi
117131 fi
132+
118133 {
119134 echo "content<<EOF"
120135 echo "$CHANGELOG"
@@ -134,20 +149,15 @@ jobs:
134149
135150 ```bash
136151 # By semantic version (recommended)
137- docker pull ghcr.io/${{ steps.image.outputs.name }}:${{ steps.tag.outputs.semver }}
152+ docker pull ghcr.io/${{ github.repository }}:${{ steps.tag.outputs.semver }}
138153
139154 # By club name
140- docker pull ghcr.io/${{ steps.image.outputs.name }}:${{ steps.tag.outputs.club }}
155+ docker pull ghcr.io/${{ github.repository }}:${{ steps.tag.outputs.club }}
141156
142157 # Latest
143- docker pull ghcr.io/${{ steps.image.outputs.name }}:latest
144- ```
145-
146- ## Quick Start
147-
148- ```bash
149- docker run -p 9000:9000 ghcr.io/${{ steps.image.outputs.name }}:${{ steps.tag.outputs.semver }}
158+ docker pull ghcr.io/${{ github.repository }}:latest
150159 ```
151160
152- API available at `http://localhost:9000` · Swagger UI at `http://localhost:9000/swagger/index.html`
153- generate_release_notes : false
161+ draft : false
162+ prerelease : false
163+ generate_release_notes : true
0 commit comments