name: Build and upload all apko container base images on: workflow_dispatch: push: branches: - main paths: - "apko/**" - ".github/workflows/build-apko-image.yml" jobs: build-apko-image: runs-on: ubuntu-22.04 permissions: contents: read packages: write steps: - name: Check out repository id: checkout uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 with: ref: ${{ github.head_ref }} - name: Get pseudo version id: pseudo-version uses: ./.github/actions/pseudo_version - name: Build and upload apko image uses: ./.github/actions/build_apko with: containerTags: | ${{ steps.pseudo-version.outputs.version }} ${{ github.ref_name == 'main' && 'latest' || github.ref_name }} registry: ghcr.io githubToken: ${{ secrets.GITHUB_TOKEN }} cosignPublicKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }} cosignPrivateKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }} cosignPassword: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}