Refactor multi-build.yaml workflow to update GHCR_IMAGE environment v…

…ariable, enable Trivy vulnerability scanning, and use GITHUB_ENV for setting environment variables
sredevopsorg · Apr 20, 2024 · 8008b84 · 8008b84
1 parent 60efa7b
commit 8008b84
Showing 1 changed file with 11 additions and 9 deletions.
diff --git a/.github/workflows/multi-build.yaml b/.github/workflows/multi-build.yaml
@@ -56,6 +56,8 @@ jobs:
           if [ ${{ env.GITHUB_EVENT_NAME }} == workflow_dispatch ]; then
             echo "GHOST_VERSION=${{ github.event.inputs.ghost_version }}" >> $GITHUB_OUTPUT
             echo "MANUAL_TAG=${{ github.event.inputs.manual-tag }}" >> $GITHUB_OUTPUT
+            echo "GHOST_VERSION=${{ github.event.inputs.ghost_version }}" >> $GITHUB_ENV
+            echo "MANUAL_TAG=${{ github.event.inputs.manual-tag }}" >> $GITHUB_ENV
           else
             echo "GHOST_VERSION=$(curl -s https://api.github.com/repos/tryghost/ghost/releases/latest | jq '.name' | sed 's/\"//g')" >> $GITHUB_OUTPUT
           fi
@@ -72,11 +74,11 @@ jobs:
         continue-on-error: true
         with:
           images: ${{ env.GHCR_IMAGE }}
-          tags: |
-            type=raw,value=latest,enable=${{ github.event_name == 'push' || github.ref == 'refs/heads/main' || github.event.ref == 'tags/v*' }}
-            type=raw,value=main,enable=${{ github.event_name == 'push' || github.ref == 'refs/heads/main' || github.event.ref == 'tags/v*' }}
-            type=raw,value=${{ steps.versions.outputs.MANUAL_TAG }},enable=${{ github.event_name == 'workflow_dispatch' }}
-            type=raw,value=v${{ steps.versions.outputs.GHOST_VERSION }},enable=${{ github.event_name == 'workflow_dispatch' }}
+          # tags: |
+          #   type=raw,value=latest,enable=${{ github.event_name == 'push' || github.ref == 'refs/heads/main' || github.event.ref == 'tags/v*' }}
+          #   type=raw,value=main,enable=${{ github.event_name == 'push' || github.ref == 'refs/heads/main' || github.event.ref == 'tags/v*' }}
+          #   type=raw,value=${{ steps.versions.outputs.MANUAL_TAG }},enable=${{ github.event_name == 'workflow_dispatch' }}
+          #   type=raw,value=v${{ steps.versions.outputs.GHOST_VERSION }},enable=${{ github.event_name == 'workflow_dispatch' }}
 
       -
         name: Set up QEMU
@@ -151,10 +153,10 @@ jobs:
         with:
           images: ${{ env.GHCR_IMAGE }}
           tags: |
-            type=raw,value=latest,enable=${{is_default_branch}}
-            type=raw,value=main,enable=${{is_default_branch}}
-            type=raw,value=${{ steps.git.outputs.version }},enable=${{ github.event_name == 'workflow_dispatch' }}
-            type=raw,value=v${{ steps.versions.outputs.GHOST_VERSION }},enable=${{ github.event_name == 'workflow_dispatch' }}
+            type=raw,value=latest,enable=${{ github.event_name == 'push' || github.ref == 'refs/heads/main' || github.event.ref == 'tags/v*' }}
+            type=raw,value=main,enable=${{ github.event_name == 'push' || github.ref == 'refs/heads/main' || github.event.ref == 'tags/v*' }}
+            type=raw,value=${{ github.env.MANUAL_TAG }},enable=${{ github.event_name == 'workflow_dispatch' }}
+            type=raw,value=v${{ github.env.GHOST_VERSION }},enable=${{ github.event_name == 'workflow_dispatch' }}
       -
         name: Login to GitHub Container Registry
         uses: docker/login-action@v3