paulmataruso/docker-kms
1
0
Fork 0
mirror of https://github.com/11notes/docker-kms.git synced 2025-10-23 04:52:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: upgrade to latest workflow

Browse Source
This commit is contained in:
ElevenNotes
2025-07-18 11:12:07 +02:00
parent 018a0c38d1
commit aced02117a
1 changed files with 3 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
.github/workflows/docker.yml vendored
View File

@@ -101,7 +101,7 @@ jobs:
const docker = { const docker = {
image:{ image:{
name:opt.dot.image, name:opt.dot.image,
arch:(opt.dot.arch || 'linux/amd64,linux/arm64'), arch:(opt.input?.etc?.arch || opt.dot?.arch || 'linux/amd64,linux/arm64'),
prefix:((opt.input?.etc?.semverprefix) ? `${opt.input?.etc?.semverprefix}-` : ''), prefix:((opt.input?.etc?.semverprefix) ? `${opt.input?.etc?.semverprefix}-` : ''),
suffix:((opt.input?.etc?.semversuffix) ? `-${opt.input?.etc?.semversuffix}` : ''), suffix:((opt.input?.etc?.semversuffix) ? `-${opt.input?.etc?.semversuffix}` : ''),
description:(opt.dot?.readme?.description || ''), description:(opt.dot?.readme?.description || ''),
@@ -287,21 +287,8 @@ jobs:
# RELEASE # RELEASE
- name: github / release / log
continue-on-error: true
id: git-log
run: |
LOCAL_LAST_TAG=$(git describe --abbrev=0 --tags `git rev-list --tags --skip=1 --max-count=1`)
echo "using last tag: ${LOCAL_LAST_TAG}"
LOCAL_COMMITS=$(git log ${LOCAL_LAST_TAG}..HEAD --oneline)
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
echo "commits<<${EOF}" >> ${GITHUB_OUTPUT}
echo "${LOCAL_COMMITS}" >> ${GITHUB_OUTPUT}
echo "${EOF}" >> ${GITHUB_OUTPUT}
- name: github / release / markdown - name: github / release / markdown
if: env.WORKFLOW_CREATE_RELEASE == 'true' && steps.git-log.outcome == 'success' if: env.WORKFLOW_CREATE_RELEASE == 'true'
id: git-release id: git-release
uses: 11notes/action-docker-release@v1 uses: 11notes/action-docker-release@v1
# WHY IS THIS ACTION NOT SHA256 PINNED? SECURITY MUCH?!?!?! # WHY IS THIS ACTION NOT SHA256 PINNED? SECURITY MUCH?!?!?!
@@ -310,8 +297,6 @@ jobs:
# in the repo. This code is not modified and can't be modified by this action. # in the repo. This code is not modified and can't be modified by this action.
# It does create the markdown for the release, which could be abused, but to what # It does create the markdown for the release, which could be abused, but to what
# extend? Adding a link to a malicious repo? # extend? Adding a link to a malicious repo?
with:
git_log: ${{ steps.git-log.outputs.commits }}
- name: github / release / create - name: github / release / create
if: env.WORKFLOW_CREATE_RELEASE == 'true' && steps.git-release.outcome == 'success' if: env.WORKFLOW_CREATE_RELEASE == 'true' && steps.git-release.outcome == 'success'
@@ -419,7 +404,7 @@ jobs:
if [ -f LICENSE ]; then if [ -f LICENSE ]; then
git add LICENSE git add LICENSE
fi fi
git commit -m "github-actions[bot]: update README.md" git commit -m "auto update README.md"
git push origin HEAD:master git push origin HEAD:master