Release pipeline

[GAS85]

Hey, we can automate release of images as perform update if needed. Also image will be builded for different arch. You can view how it was at the end here: https://hub.docker.com/r/gas85/ssh-auth-logger/tags

Here it is, you shall add DOCKERHUB_USERNAME and DOCKERHUB_TOKEN in your GitHub repository secrets.

Protect your tags

You shall add rule to protect tagging.

Option 1

Repository → Settings → Rules → Rulesets → New ruleset

Choose:

• Target: Tags
• Pattern: v*
  Then you can:
• Restrict who can create tags
• Require signed tags
• Restrict force deletion

This prevents random users from creating release tags.

Option 2

You can fail the workflow if the tag is not on master.

Add this step before building:

- name: Ensure tag is on master run: |  git fetch origin master  if ! git branch --remotes --contains $GITHUB_SHA | grep origin/master; then  echo "Tag is not on master branch"  exit 1  fi

Finish

Now you can build images with version tag in Semver format vX.Y.Z and latest will be add automatically.

[GAS85]

Those Arguments will be automatically replaced by build process with version (that is equal to tag), SHA summ as reference to commit and build date.

ARG VERSION=dev ARG VCS_REF=dev ARG BUILD_DATE=unknown