Create docker-publish.yml #41
Open: wants to merge 2 commits into base: main

Conversation

@piglee05022 piglee05022 commented May 26, 2025

This pull request introduces a new GitHub Actions workflow to automate Docker image building, publishing, and signing. The workflow is designed to streamline the process for the main branch and semver tags, while ensuring security through identity challenges and metadata extraction.

Docker Workflow Automation:

  • .github/workflows/docker-publish.yml: Added a new workflow named "Docker" to automate building, pushing, and signing Docker images. The workflow triggers on main branch pushes, semver tags, and pull requests, and includes steps for setting up Buildx, logging into the registry, extracting metadata, and signing images.

@piglee05022 (Author) commented:

This pull request adds a new GitHub Actions workflow to automate the publishing of Docker images. The workflow includes steps to build, tag, and optionally push Docker images to a registry, as well as signing the images for security purposes when not running in pull requests.

New Docker publishing workflow:

  • Workflow setup: Created a new workflow named Docker in .github/workflows/docker-publish.yml. The workflow triggers on main branch pushes, semver tag pushes, and pull requests. It uses environment variables for the Docker registry and image name.
  • Build and push Docker images: Configured steps to set up Docker Buildx, extract metadata, build Docker images, and optionally push them to a registry when not running in pull requests.
  • Image signing: Added steps to sign the resulting Docker image digest using cosign, ensuring security and transparency. This step is skipped for pull requests.

@piglee05022 (Author) commented:

This pull request introduces a new GitHub Actions workflow to automate the publishing of Docker images. The workflow handles building, tagging, pushing, and signing Docker images, with conditional steps for pull requests versus direct pushes to the main branch or semver tags.

New GitHub Actions Workflow for Docker Automation:

  • Workflow Configuration:
    • Added a new workflow named Docker in .github/workflows/docker-publish.yml. It triggers on scheduled cron jobs, pushes to the main branch, and semver tag releases.
  • Environment Setup:
    • Defined environment variables for the Docker registry (REGISTRY) and image name (IMAGE_NAME) based on the GitHub repository.
  • Job Steps:
    • Repository Checkout: Uses actions/checkout@v4 to clone the repository.
    • Tool Installation: Installs cosign for Docker image signing, conditional on non-PR events.
    • Build Setup: Configures Docker Buildx for multi-platform builds and cache export using docker/setup-buildx-action.
    • Registry Login: Logs into the Docker registry using docker/login-action, conditional on non-PR events.
    • Metadata Extraction

@piglee05022 (Author) commented:

This pull request introduces a new GitHub Actions workflow for publishing Docker images. The workflow automates the process of building, tagging, pushing, and signing Docker images, with support for multi-platform builds and caching.

Docker Workflow Implementation:

  • Workflow Setup: Added a new workflow file .github/workflows/docker-publish.yml to automate Docker image publishing triggered by push, pull_request, and scheduled events. It includes environment variables for registry and image name configuration.

  • Build and Push Process: Configured steps to set up Docker Buildx for multi-platform builds, extract metadata for tagging and labeling, and build/push Docker images using docker/build-push-action. Push operations are skipped for pull requests.

  • Registry Login: Integrated docker/login-action to authenticate with the Docker registry, except for pull request events, using the GitHub actor and token.

  • Image Signing: Added a step to sign published Docker images using sigstore/cosign, ensuring image integrity and transparency. Signing is skipped for pull requests.

  • Tool Installation: Included sigstore/cosign-installer for installing the cosign tool and configured Buildx setup using docker/setup-buildx-action.
