Add GHCR perms to CI and pin Action versions

This commit is contained in:
Tom Plant 2023-04-18 22:36:38 +10:00 committed by GitHub
parent f9ff57a26e
commit e4d7b53112
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -5,12 +5,14 @@ on:
branches:
- master
- main
jobs:
push:
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
@ -18,7 +20,6 @@ jobs:
with:
java-version: '17'
distribution: 'temurin'
- uses: gradle/gradle-build-action@v2.3.3
with:
@ -39,7 +40,7 @@ jobs:
password: ${{ secrets.DOCKER_HUB_API }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
uses: docker/login-action@v2.1.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@ -47,7 +48,7 @@ jobs:
- name: Generate tags
id: meta
uses: docker/metadata-action@v4
uses: docker/metadata-action@v4.4.0
with:
images: |
frooodle/s-pdf
@ -56,13 +57,13 @@ jobs:
${{ steps.versionNumber.outputs.versionNumber }}${{ github.ref == 'refs/heads/main' && '-alpha' || '' }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@v2.1.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v2.5.0
- name: Build and push
uses: docker/build-push-action@v4
uses: docker/build-push-action@v4.0.0
with:
push: true
tags: ${{ steps.meta.outputs.tags }}