kured/.github/workflows/on-main-push.yaml

# We publish every merged commit in the form of an image
# named kured:<branch>-<short tag>
name: Push image of latest main
on:
  push:
    branches:
      - main
jobs:
  tag-scan-and-push-final-image:
    name: "Build, scan, and publish tagged image"
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Find go version
        run: |
          GO_VERSION=$(awk '/^go/ {print $2};' go.mod)
          echo "::set-output name=version::${GO_VERSION}"
        id: awk_gomod

      - name: Ensure go version
        uses: actions/setup-go@v3
        with:
          go-version: "${{ steps.awk_gomod.outputs.version }}"
          check-latest: true

      - name: Login to DockerHub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME_WEAVEWORKSKUREDCI }}
          password: ${{ secrets.DOCKERHUB_TOKEN_WEAVEWORKSKUREDCI }}

      - name: Login to ghcr.io
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: weave-ghcr-bot
          password: ${{ secrets.KURED_WEAVE_GHCR_BOT_TOKEN }}

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2

      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v2

      - name: Find current tag version
        run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
        id: tags

      - name: Build image
        uses: docker/build-push-action@v3
        with:
          context: .
          file: cmd/kured/Dockerfile.multi
          platforms: linux/arm64, linux/amd64, linux/arm/v7, linux/arm/v6, linux/386
          push: true
          tags: |
            docker.io/${{ GITHUB.REPOSITORY }}:main-${{ steps.tags.outputs.sha_short }}
            ghcr.io/${{ GITHUB.REPOSITORY }}:main-${{ steps.tags.outputs.sha_short }}