Deploy quarkiverse/quarkus-backstage latest to Quay.io #56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Quay.io | |
| run-name: Deploy ${{ github.event.inputs.image_name }} ${{ github.event.inputs.image_tag }} to Quay.io | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| image_name: | |
| description: 'Image Name' | |
| required: true | |
| image_tag: | |
| description: 'Image Tag' | |
| required: true | |
| github_repository: | |
| description: 'GitHub repository of the artifact' | |
| required: true | |
| run_id: | |
| description: 'Run ID of the release workflow' | |
| required: true | |
| env: | |
| PAYLOAD_NAME: ${{ github.event.inputs.image_name }} | |
| PAYLOAD_VERSION: ${{ github.event.inputs.image_tag }} | |
| PAYLOAD_REPOSITORY: ${{ github.event.inputs.github_repository }} | |
| PAYLOAD_RUN_ID: ${{ github.event.inputs.run_id }} | |
| concurrency: | |
| # Group by repository and version | |
| group: ${PAYLOAD_REPOSITORY}-${PAYLOAD_VERSION} | |
| cancel-in-progress: true | |
| jobs: | |
| deploy_to_quay: | |
| environment: quay.io | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Set environment variables | |
| run: | | |
| echo "ARTIFACT_PATH=artifact.tar.gz" >> $GITHUB_ENV | |
| - name: Download artifact | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: artifact | |
| repository: ${{ env.PAYLOAD_REPOSITORY }} | |
| run-id: ${{ env.PAYLOAD_RUN_ID }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Verify Artifact Attestation | |
| run: gh attestation verify --repo ${PAYLOAD_REPOSITORY} ${ARTIFACT_PATH} --signer-repo quarkiverse/.github | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Log in to Quay Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| - name: Deploy Artifact to Quay | |
| run: | | |
| skopeo -v | |
| skopeo copy --insecure-policy --multi-arch all oci-archive:${ARTIFACT_PATH} docker://quay.io/${PAYLOAD_REPOSITORY}:${PAYLOAD_VERSION} |