Compare commits

..

68 Commits

Author SHA1 Message Date
github-actions[bot] ee0d698156 [dependabot skip] chore: update generated content 2026-07-01 15:53:52 +00:00
dependabot[bot] 127dc2c62e build(deps): bump @docker/actions-toolkit from 0.91.0 to 0.92.0
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.91.0 to 0.92.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.91.0...v0.92.0)

---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
  dependency-version: 0.92.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:52:52 +00:00
CrazyMax 28d93c8e86 Merge pull request #999 from docker/dependabot/npm_and_yarn/aws-sdk-dependencies-b2b0f464cc
build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 updates
2026-07-01 17:50:44 +02:00
github-actions[bot] bb4abc2b4e [dependabot skip] chore: update generated content 2026-07-01 15:49:15 +00:00
dependabot[bot] 46b0f7f7db build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 updates
Bumps the aws-sdk-dependencies group with 2 updates in the / directory: [@aws-sdk/client-ecr](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr) and [@aws-sdk/client-ecr-public](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr-public).


Updates `@aws-sdk/client-ecr` from 3.1052.0 to 3.1075.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1075.0/clients/client-ecr)

Updates `@aws-sdk/client-ecr-public` from 3.1052.0 to 3.1075.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr-public/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1075.0/clients/client-ecr-public)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr"
  dependency-version: 3.1053.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
- dependency-name: "@aws-sdk/client-ecr-public"
  dependency-version: 3.1053.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:48:13 +00:00
CrazyMax 02ce84ffb2 Merge pull request #1017 from docker/dependabot/npm_and_yarn/proxy-agent-dependencies-c4582b8cb5
build(deps): bump the proxy-agent-dependencies group across 1 directory with 2 updates
2026-07-01 17:34:10 +02:00
github-actions[bot] aac44b8023 [dependabot skip] chore: update generated content 2026-07-01 15:31:48 +00:00
dependabot[bot] e6a67367bb build(deps): bump the proxy-agent-dependencies group across 1 directory with 2 updates
Bumps the proxy-agent-dependencies group with 2 updates in the / directory: [http-proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/http-proxy-agent) and [https-proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/https-proxy-agent).


Updates `http-proxy-agent` from 9.0.0 to 9.1.0
- [Release notes](https://github.com/TooTallNate/proxy-agents/releases)
- [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/http-proxy-agent/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/proxy-agents/commits/http-proxy-agent@9.1.0/packages/http-proxy-agent)

Updates `https-proxy-agent` from 9.0.0 to 9.1.0
- [Release notes](https://github.com/TooTallNate/proxy-agents/releases)
- [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/https-proxy-agent/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/proxy-agents/commits/https-proxy-agent@9.1.0/packages/https-proxy-agent)

---
updated-dependencies:
- dependency-name: http-proxy-agent
  dependency-version: 9.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: proxy-agent-dependencies
- dependency-name: https-proxy-agent
  dependency-version: 9.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: proxy-agent-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:30:48 +00:00
CrazyMax e12cbe383a Merge pull request #1026 from docker/dependabot/github_actions/actions/checkout-7.0.0
build(deps): bump actions/checkout from 6.0.3 to 7.0.0
2026-07-01 17:28:18 +02:00
CrazyMax 9ef03105cf Merge pull request #1028 from docker/dependabot/npm_and_yarn/js-yaml-5.2.0
build(deps): bump js-yaml from 4.1.1 to 5.2.0
2026-07-01 17:27:51 +02:00
github-actions[bot] cca864db18 [dependabot skip] chore: update generated content 2026-07-01 15:24:52 +00:00
dependabot[bot] ecd3da5c9a build(deps): bump js-yaml from 4.1.1 to 5.2.0
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.1 to 5.2.0.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.1...5.2.0)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:23:59 +00:00
dependabot[bot] 9f1db17ebe build(deps): bump actions/checkout from 6.0.3 to 7.0.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.3 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/df4cb1c069e1874edd31b4311f1884172cec0e10...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:22:55 +00:00
CrazyMax c52380340b Merge pull request #1020 from docker/dependabot/npm_and_yarn/undici-6.27.0
build(deps): bump undici from 6.24.1 to 6.27.0
2026-07-01 17:19:54 +02:00
github-actions[bot] f941705c01 [dependabot skip] chore: update generated content 2026-07-01 15:16:40 +00:00
dependabot[bot] 1a44f13eda build(deps): bump undici from 6.24.1 to 6.27.0
Bumps [undici](https://github.com/nodejs/undici) from 6.24.1 to 6.27.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.24.1...v6.27.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 6.27.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:15:42 +00:00
CrazyMax 4691d54c76 Merge pull request #1023 from docker/dependabot/npm_and_yarn/sigstore/core-3.2.1
build(deps): bump @sigstore/core from 3.1.0 to 3.2.1
2026-07-01 17:13:37 +02:00
CrazyMax 2564fa2273 Merge pull request #1019 from docker/dependabot/npm_and_yarn/vite-7.3.5
build(deps): bump vite from 7.3.3 to 7.3.6
2026-07-01 17:13:08 +02:00
CrazyMax 1d117b3de6 Merge pull request #1009 from docker/dependabot/github_actions/aws-actions/configure-aws-credentials-6.2.0
build(deps): bump aws-actions/configure-aws-credentials from 6.1.2 to 6.2.1
2026-07-01 17:12:12 +02:00
CrazyMax 54354cec26 Merge pull request #1014 from docker/dependabot/github_actions/github/codeql-action-4.36.2
build(deps): bump github/codeql-action from 4.36.0 to 4.36.2
2026-07-01 17:11:38 +02:00
CrazyMax 291ce15746 Merge pull request #1015 from docker/dependabot/github_actions/codecov/codecov-action-7.0.0
build(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
2026-07-01 17:10:49 +02:00
dependabot[bot] d144cc9aaf build(deps): bump aws-actions/configure-aws-credentials
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.1.2 to 6.2.1.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/acca2b1b2070338fb9fd1ca27ecee81d687e58e5...254c19bd240aabef8777f48595e9d2d7b972184b)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:10:47 +00:00
CrazyMax 9bc29939f1 Merge pull request #1013 from docker/dependabot/github_actions/crazy-max-dot-github-a6a0ecf511
build(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
2026-07-01 17:10:25 +02:00
CrazyMax 42702f7ab5 Merge pull request #1012 from docker/dependabot/github_actions/actions/checkout-6.0.3
build(deps): bump actions/checkout from 6.0.2 to 6.0.3
2026-07-01 17:08:58 +02:00
CrazyMax c5a66b573f Merge pull request #1025 from crazy-max/fix-yarn-preapprove-actions-toolkit
chore: allow actions-toolkit to bypass yarn age gate
2026-07-01 14:00:00 +02:00
CrazyMax f356dc0f57 Merge pull request #1024 from crazy-max/dependabot-skip-update-dist
dependabot: skip for update-dist commits
2026-07-01 13:59:57 +02:00
CrazyMax 82c046b85a chore: allow actions-toolkit to bypass yarn age gate
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-07-01 11:43:31 +02:00
CrazyMax f482210217 dependabot: skip for update-dist commits
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-30 11:08:58 +02:00
dependabot[bot] 528895cbd3 build(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
Bumps the crazy-max-dot-github group with 2 updates in the / directory: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).


Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...46267a6e61cd56aac2fc79943df180152f4c89d6)

Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...46267a6e61cd56aac2fc79943df180152f4c89d6)

---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-30 05:52:19 +00:00
dependabot[bot] 3be61c42c8 build(deps): bump vite from 7.3.3 to 7.3.6
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.3 to 7.3.6.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.6/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.6/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 7.3.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-29 14:17:42 +00:00
github-actions[bot] 3d128cd17b chore: update generated content 2026-06-29 14:17:09 +00:00
dependabot[bot] 4755f4fe4d build(deps): bump @sigstore/core from 3.1.0 to 3.2.1
Bumps [@sigstore/core](https://github.com/sigstore/sigstore-js) from 3.1.0 to 3.2.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@3.1.0...@sigstore/core@3.2.1)

---
updated-dependencies:
- dependency-name: "@sigstore/core"
  dependency-version: 3.2.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-29 14:16:11 +00:00
CrazyMax 17f7c1809f Merge pull request #1022 from crazy-max/fix-esbuild
preserve names in esbuild bundle
2026-06-29 16:14:30 +02:00
CrazyMax a2447fe0f6 preserve names in esbuild bundle
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-29 14:56:24 +02:00
temenuzhka-thede 3864d6aed8 Merge pull request #1018 from docker/sec-cli/npm-ci-20260612-182458
fix: replace npm install with npm ci (20260612-182458)
2026-06-12 14:10:03 -05:00
securityeng-bot[bot] 64b25388de fix: use lockfile-aware install commands 2026-06-12 18:24:59 +00:00
dependabot[bot] 17162ab65f build(deps): bump actions/checkout from 6.0.2 to 6.0.3
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-11 21:24:12 +00:00
CrazyMax 37a9a4b333 Merge pull request #1016 from docker/ci-ecr-oidc
ci: test AWS ECR with OIDC
2026-06-11 23:22:05 +02:00
CrazyMax eb1946f59c ci: test AWS ECR with OIDC
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-10 14:32:23 +02:00
CrazyMax 946f94de75 Merge pull request #1007 from crazy-max/ci-creds-update
ci: update registry auth credentials
2026-06-09 10:45:03 +02:00
dependabot[bot] c07548e8a6 build(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-09 05:53:38 +00:00
dependabot[bot] 20036e466f build(deps): bump github/codeql-action from 4.36.0 to 4.36.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...8aad20d150bbac5944a9f9d289da16a4b0d87c1e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-08 05:53:38 +00:00
CrazyMax f50e5f80f8 ci: update registry to auth to gar
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-04 16:19:19 +02:00
CrazyMax c5e5fd0017 ci: update registry to auth to acr
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-04 16:19:18 +02:00
CrazyMax 60e5331f1c ci: update registry to auth to ecr
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-04 16:19:18 +02:00
CrazyMax 6a848e5a16 ci: update secrets to auth to docker hub
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-04 16:19:18 +02:00
CrazyMax 0267638d8a Merge pull request #1008 from crazy-max/ci-ghcr-dind-test-image
ci: replace GHCR PAT in DinD test
2026-06-04 16:12:23 +02:00
CrazyMax 250c56f969 ci: replace GHCR PAT in DinD test
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-02 14:16:24 +02:00
CrazyMax 3999a1f436 Merge pull request #1005 from crazy-max/yarn-update
update yarn to 4.15.0
2026-05-28 18:43:24 +02:00
CrazyMax 0c083d7a7a update yarn to 4.15.0
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-05-28 15:13:23 +02:00
CrazyMax d74126fafb Merge pull request #1004 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.91.0
build(deps): bump @docker/actions-toolkit from 0.90.0 to 0.91.0
2026-05-28 12:15:32 +02:00
github-actions[bot] 008abcd773 chore: update generated content 2026-05-28 08:20:36 +00:00
dependabot[bot] b3d0cb50ae build(deps): bump @docker/actions-toolkit from 0.90.0 to 0.91.0
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.90.0 to 0.91.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.90.0...v0.91.0)

---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
  dependency-version: 0.91.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-05-28 08:19:41 +00:00
CrazyMax d1f19df6c2 Merge pull request #1003 from docker/dependabot/github_actions/aws-actions/configure-aws-credentials-6.1.2
build(deps): bump aws-actions/configure-aws-credentials from 6.1.1 to 6.1.2
2026-05-28 10:18:22 +02:00
CrazyMax f9a14677ff Merge pull request #1002 from docker/dependabot/npm_and_yarn/tmp-0.2.7
build(deps): bump tmp from 0.2.5 to 0.2.7
2026-05-28 10:17:21 +02:00
CrazyMax 72b845d964 Merge pull request #1001 from docker/sec-cli/ignore-scripts-fix-20260527-193038
ci: add ignore-scripts to Node package manager config (20260527-193038)
2026-05-28 09:53:26 +02:00
dependabot[bot] 22319e3a05 build(deps): bump aws-actions/configure-aws-credentials
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/d979d5b3a71173a29b74b5b88418bfda9437d885...acca2b1b2070338fb9fd1ca27ecee81d687e58e5)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-05-28 05:52:36 +00:00
github-actions[bot] 9ff664c6c9 chore: update generated content 2026-05-28 03:24:42 +00:00
dependabot[bot] 394f625bb6 build(deps): bump tmp from 0.2.5 to 0.2.7
Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.7.
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raszi/node-tmp/compare/v0.2.5...v0.2.7)

---
updated-dependencies:
- dependency-name: tmp
  dependency-version: 0.2.7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-05-28 03:23:48 +00:00
securityeng-bot[bot] 42471eb9ff ci: enforce ignore-scripts policy for Node package managers 2026-05-27 20:04:14 +00:00
CrazyMax 04bf81902c Merge pull request #996 from crazy-max/azure-oidc
document ACR OIDC login with Azure Login
2026-05-27 13:37:45 +02:00
CrazyMax 5dbe09f08d Merge pull request #997 from docker/dependabot/github_actions/github/codeql-action-4.36.0
build(deps): bump github/codeql-action from 4.35.5 to 4.36.0
2026-05-26 17:24:21 +02:00
dependabot[bot] 652059025f build(deps): bump github/codeql-action from 4.35.5 to 4.36.0
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.5 to 4.36.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/9e0d7b8d25671d64c341c19c0152d693099fb5ba...7211b7c8077ea37d8641b6271f6a365a22a5fbfa)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-05-26 07:53:28 +00:00
CrazyMax 2ff7bc63ff Merge pull request #998 from docker/dependabot/github_actions/docker/bake-action-7.2.0
build(deps): bump docker/bake-action from 7.1.0 to 7.2.0
2026-05-26 09:50:52 +02:00
dependabot[bot] 8f60ab8910 build(deps): bump docker/bake-action from 7.1.0 to 7.2.0
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 7.1.0 to 7.2.0.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](https://github.com/docker/bake-action/compare/a66e1c87e2eca0503c343edf1d208c716d54b8a8...6614cfa25eff9a0b2b2697efb0b6159e7680d584)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-05-25 07:44:22 +00:00
CrazyMax 401fdfb10a update action versions in README examples
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-05-22 16:20:00 +02:00
CrazyMax 9720944471 use GitHub alerts for README notes
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-05-22 16:20:00 +02:00
CrazyMax b04cd7ece0 document ACR OIDC login with Azure Login
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-05-22 16:19:59 +02:00
16 changed files with 945 additions and 1390 deletions
+133 -44
View File
@@ -7,6 +7,9 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
GHCR_TEST_IMAGE: ghcr.io/docker/login-action-test:ci-${{ github.sha }}
on:
workflow_dispatch:
schedule:
@@ -22,7 +25,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Stop docker
run: |
@@ -46,7 +49,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
@@ -56,44 +59,75 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}
logout: ${{ matrix.logout }}
dind:
push-ghcr:
runs-on: ubuntu-latest
env:
DOCKER_CONFIG: $HOME/.docker
permissions:
contents: read
packages: write
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_PAT }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Build and push test image
run: |
docker buildx build --push -t "${GHCR_TEST_IMAGE}" - <<EOF
FROM scratch
LABEL org.opencontainers.image.title="docker/login-action CI test image"
LABEL org.opencontainers.image.description="Empty image used by CI to verify GHCR authentication."
LABEL org.opencontainers.image.source="https://github.com/${GITHUB_REPOSITORY}"
EOF
dind:
runs-on: ubuntu-latest
needs:
- push-ghcr
permissions:
contents: read
packages: read
env:
DOCKER_CONFIG: $HOME/.docker
steps:
-
name: Checkout
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: DinD
uses: docker://docker:29.3@sha256:4d90f1f6c400315c2dba96d3ec93c01e64198395cbba04f79d12adce4f737029
with:
entrypoint: docker
args: pull ghcr.io/docker-ghactiontest/test
args: pull ${{ env.GHCR_TEST_IMAGE }}
-
name: Pull private image
name: Pull test image
run: |
docker image prune -a -f >/dev/null 2>&1
docker pull ghcr.io/docker-ghactiontest/test
docker pull "${GHCR_TEST_IMAGE}"
acr:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to ACR
uses: ./
with:
registry: ${{ secrets.AZURE_REGISTRY_NAME }}.azurecr.io
registry: officialgithubactions.azurecr.io
username: ${{ secrets.AZURE_CLIENT_ID }}
password: ${{ secrets.AZURE_CLIENT_SECRET }}
@@ -108,13 +142,13 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Docker Hub
uses: ./
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
username: ${{ vars.DOCKERPUBLICBOT_USERNAME }}
password: ${{ secrets.DOCKERPUBLICBOT_READ_PAT }}
ecr:
runs-on: ${{ matrix.os }}
@@ -127,12 +161,12 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to ECR
uses: ./
with:
registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.us-east-1.amazonaws.com
registry: 175142243308.dkr.ecr.us-east-1.amazonaws.com
username: ${{ secrets.AWS_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -147,10 +181,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1
uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -159,7 +193,34 @@ jobs:
name: Login to ECR
uses: ./
with:
registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.us-east-1.amazonaws.com
registry: 175142243308.dkr.ecr.us-east-1.amazonaws.com
ecr-oidc:
permissions:
contents: read
id-token: write
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1
with:
role-to-assume: arn:aws:iam::175142243308:role/official_gha_cicd_login_action
aws-region: us-east-1
-
name: Login to ECR
uses: ./
with:
registry: 175142243308.dkr.ecr.us-east-1.amazonaws.com
ecr-public:
runs-on: ${{ matrix.os }}
@@ -172,7 +233,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Public ECR
continue-on-error: ${{ matrix.os == 'windows-latest' }}
@@ -195,10 +256,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1
uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -210,6 +271,34 @@ jobs:
with:
registry: public.ecr.aws
ecr-public-oidc:
permissions:
contents: read
id-token: write
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1
with:
role-to-assume: arn:aws:iam::175142243308:role/official_gha_cicd_login_action
aws-region: us-east-1
-
name: Login to Public ECR
continue-on-error: ${{ matrix.os == 'windows-latest' }}
uses: ./
with:
registry: public.ecr.aws
ghcr:
runs-on: ${{ matrix.os }}
strategy:
@@ -221,7 +310,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
@@ -241,7 +330,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitLab
uses: ./
@@ -261,12 +350,12 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Google Artifact Registry
uses: ./
with:
registry: ${{ secrets.GAR_LOCATION }}-docker.pkg.dev
registry: us-east4-docker.pkg.dev
username: _json_key
password: ${{ secrets.GAR_JSON_KEY }}
@@ -281,7 +370,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Google Container Registry
uses: ./
@@ -295,14 +384,14 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to registries
uses: ./
with:
registry-auth: |
- username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- username: ${{ vars.DOCKERPUBLICBOT_USERNAME }}
password: ${{ secrets.DOCKERPUBLICBOT_READ_PAT }}
- registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
@@ -318,7 +407,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to registries
uses: ./
@@ -339,7 +428,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to registries
id: login
@@ -350,8 +439,8 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
registry-auth: |
- username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- username: ${{ vars.DOCKERPUBLICBOT_USERNAME }}
password: ${{ secrets.DOCKERPUBLICBOT_READ_PAT }}
-
name: Check
run: |
@@ -371,13 +460,13 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Docker Hub
uses: ./
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
username: ${{ vars.DOCKERPUBLICBOT_USERNAME }}
password: ${{ secrets.DOCKERPUBLICBOT_READ_PAT }}
scope: '@push'
-
name: Print config.json files
@@ -401,13 +490,13 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Docker Hub
uses: ./
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
username: ${{ vars.DOCKERPUBLICBOT_USERNAME }}
password: ${{ secrets.DOCKERPUBLICBOT_READ_PAT }}
scope: 'docker/buildx-bin@push'
-
name: Print config.json files
@@ -431,7 +520,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
@@ -462,7 +551,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
+3 -3
View File
@@ -22,7 +22,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Enable corepack
run: |
@@ -35,12 +35,12 @@ jobs:
node-version: ${{ env.NODE_VERSION }}
-
name: Initialize CodeQL
uses: github/codeql-action/init@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
languages: javascript-typescript
build-mode: none
-
name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
category: "/language:javascript-typescript"
+1 -1
View File
@@ -11,7 +11,7 @@ on:
jobs:
run:
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@46267a6e61cd56aac2fc79943df180152f4c89d6 # v1.10.1
permissions:
contents: read
pull-requests: write
+1 -1
View File
@@ -22,7 +22,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Publish
uses: actions/publish-immutable-action@4bc8754ffc40f27910afb20287dbbbb675a4e978 # v0.0.4
+3 -3
View File
@@ -20,16 +20,16 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Test
uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
with:
source: .
targets: test
-
name: Upload coverage
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
with:
files: ./coverage/clover.xml
token: ${{ secrets.CODECOV_TOKEN }}
+3 -3
View File
@@ -30,14 +30,14 @@ jobs:
permission-contents: write
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
token: ${{ steps.docker-read-app.outputs.token }}
-
name: Build
uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
with:
source: .
targets: build
@@ -50,7 +50,7 @@ jobs:
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add dist
git commit -m "chore: update generated content"
git commit -m "[dependabot skip] chore: update generated content"
git push
)
else
+3 -3
View File
@@ -22,11 +22,11 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Generate matrix
id: generate
uses: docker/bake-action/subaction/matrix@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
uses: docker/bake-action/subaction/matrix@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
with:
target: validate
@@ -41,6 +41,6 @@ jobs:
steps:
-
name: Validate
uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
with:
targets: ${{ matrix.target }}
+1 -1
View File
@@ -19,7 +19,7 @@ on:
jobs:
zizmor:
uses: crazy-max/.github/.github/workflows/zizmor.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
uses: crazy-max/.github/.github/workflows/zizmor.yml@46267a6e61cd56aac2fc79943df180152f4c89d6 # v1.10.1
permissions:
contents: read
security-events: write
+11 -4
View File
@@ -1,10 +1,10 @@
# https://yarnpkg.com/configuration/yarnrc
compressionLevel: mixed
enableGlobalCache: false
enableHardenedMode: true
nodeLinker: node-modules
logFilters:
- code: YN0004
level: discard
- code: YN0013
level: discard
- code: YN0019
@@ -14,4 +14,11 @@ logFilters:
- code: YN0086
level: discard
nodeLinker: node-modules
npmPreapprovedPackages:
- "@docker/actions-toolkit"
compressionLevel: mixed
enableGlobalCache: false
enableHardenedMode: true
enableScripts: false
npmMinimalAgeGate: 2d
+66 -7
View File
@@ -117,6 +117,8 @@ instead of a password.
### Azure Container Registry (ACR)
#### Service principal
[Create a service principal](https://docs.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal#create-a-service-principal)
with access to your container registry through the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)
and take note of the generated service principal's ID (also called _client ID_)
@@ -142,10 +144,60 @@ jobs:
password: ${{ secrets.AZURE_CLIENT_SECRET }}
```
> [!NOTE]
> Replace `<registry-name>` with the name of your registry.
#### OpenID Connect (OIDC)
To authenticate with OpenID Connect, configure a federated identity credential
for GitHub Actions and use the [Azure Login](https://github.com/Azure/login)
action to sign in to Azure. Then expose an ACR access token and pass it to this
action as the password.
```yaml
name: ci
on:
push:
branches: main
permissions:
contents: read
id-token: write
jobs:
login:
runs-on: ubuntu-latest
steps:
-
name: Login to Azure
uses: azure/login@v3
with:
client-id: ${{ vars.AZURE_CLIENT_ID }}
tenant-id: ${{ vars.AZURE_TENANT_ID }}
subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
-
name: Get ACR access token
id: acr-token
run: |
ACR_TOKEN=$(az acr login --name <registry-name> --expose-token --output tsv --query accessToken)
echo "::add-mask::$ACR_TOKEN" # mask the token in workflow logs
echo "token=$ACR_TOKEN" >> "$GITHUB_OUTPUT"
-
name: Login to ACR
uses: docker/login-action@v4
with:
registry: <registry-name>.azurecr.io
username: 00000000-0000-0000-0000-000000000000
password: ${{ steps.acr-token.outputs.token }}
```
> [!NOTE]
> Replace `<registry-name>` with the name of your registry.
### Google Container Registry (GCR)
> [!NOTE]
> [Google Artifact Registry](#google-artifact-registry-gar) is the evolution of
> Google Container Registry. As a fully-managed service with support for both
> container images and non-container artifacts. If you currently use Google
@@ -176,7 +228,7 @@ jobs:
-
name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v1
uses: google-github-actions/auth@v3
with:
token_format: access_token
workload_identity_provider: <workload_identity_provider>
@@ -190,9 +242,10 @@ jobs:
password: ${{ steps.auth.outputs.access_token }}
```
> [!NOTE]
> Replace `<workload_identity_provider>` with configured workload identity
> provider. For steps to configure, [see here](https://github.com/google-github-actions/auth#setting-up-workload-identity-federation).
>
> Replace `<service_account>` with configured service account in workload
> identity provider which has access to push to GCR
@@ -247,7 +300,7 @@ jobs:
-
name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v1
uses: google-github-actions/auth@v3
with:
token_format: access_token
workload_identity_provider: <workload_identity_provider>
@@ -261,12 +314,13 @@ jobs:
password: ${{ steps.auth.outputs.access_token }}
```
> [!NOTE]
> Replace `<workload_identity_provider>` with configured workload identity
> provider
>
> Replace `<service_account>` with configured service account in workload
> identity provider which has access to push to GCR
>
> Replace `<location>` with the regional or multi-regional [location](https://cloud.google.com/artifact-registry/docs/repo-organize#locations)
> of the repository where the image is stored.
@@ -298,6 +352,7 @@ jobs:
password: ${{ secrets.GAR_JSON_KEY }}
```
> [!NOTE]
> Replace `<location>` with the regional or multi-regional [location](https://cloud.google.com/artifact-registry/docs/repo-organize#locations)
> of the repository where the image is stored.
@@ -352,6 +407,7 @@ jobs:
AWS_ACCOUNT_IDS: 012345678910,023456789012
```
> [!NOTE]
> Only available with [AWS CLI version 1](https://docs.aws.amazon.com/cli/latest/reference/ecr/get-login.html)
You can also use the [Configure AWS Credentials](https://github.com/aws-actions/configure-aws-credentials)
@@ -370,7 +426,7 @@ jobs:
steps:
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
uses: aws-actions/configure-aws-credentials@v6
with:
aws-access-key-id: ${{ vars.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -382,6 +438,7 @@ jobs:
registry: <aws-account-number>.dkr.ecr.<region>.amazonaws.com
```
> [!NOTE]
> Replace `<aws-account-number>` and `<region>` with their respective values.
### AWS Public Elastic Container Registry (ECR)
@@ -413,6 +470,7 @@ jobs:
AWS_REGION: <region>
```
> [!NOTE]
> Replace `<region>` with its respective value (default `us-east-1`).
### OCI Oracle Cloud Infrastructure Registry (OCIR)
@@ -445,6 +503,7 @@ jobs:
password: ${{ secrets.OCI_TOKEN }}
```
> [!NOTE]
> Replace `<region>` with their respective values from [availability regions](https://docs.cloud.oracle.com/iaas/Content/Registry/Concepts/registryprerequisites.htm#Availab)
### Quay.io
@@ -603,7 +662,7 @@ jobs:
scope: 'myorg/myimage@push'
-
name: Build and push
uses: docker/build-push-action@v6
uses: docker/build-push-action@v7
with:
push: true
tags: myorg/myimage:latest
+1 -1
View File
@@ -17,7 +17,7 @@ FROM base AS deps
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/.yarn/cache \
--mount=type=cache,target=/src/node_modules \
yarn install && mkdir /vendor && cp yarn.lock /vendor
yarn install --immutable && mkdir /vendor && cp yarn.lock /vendor
FROM scratch AS vendor-update
COPY --from=deps /vendor /
Generated Vendored
+155 -167
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+4 -4
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+49 -723
View File
File diff suppressed because it is too large Load Diff
+8 -8
View File
@@ -4,7 +4,7 @@
"type": "module",
"main": "src/main.ts",
"scripts": {
"build": "esbuild src/main.ts --bundle --platform=node --target=node24 --format=cjs --outfile=dist/index.cjs --sourcemap --minify && yarn run license",
"build": "esbuild src/main.ts --bundle --platform=node --target=node24 --format=cjs --outfile=dist/index.cjs --sourcemap --minify --keep-names && yarn run license",
"lint": "eslint --max-warnings=0 .",
"format": "eslint --fix .",
"test": "vitest run",
@@ -21,15 +21,15 @@
],
"author": "Docker Inc.",
"license": "Apache-2.0",
"packageManager": "yarn@4.9.2",
"packageManager": "yarn@4.15.0",
"dependencies": {
"@actions/core": "^3.0.1",
"@aws-sdk/client-ecr": "^3.1050.0",
"@aws-sdk/client-ecr-public": "^3.1050.0",
"@docker/actions-toolkit": "^0.90.0",
"http-proxy-agent": "^9.0.0",
"https-proxy-agent": "^9.0.0",
"js-yaml": "^4.1.1"
"@aws-sdk/client-ecr": "^3.1075.0",
"@aws-sdk/client-ecr-public": "^3.1075.0",
"@docker/actions-toolkit": "^0.92.0",
"http-proxy-agent": "^9.1.0",
"https-proxy-agent": "^9.1.0",
"js-yaml": "^5.2.0"
},
"devDependencies": {
"@eslint/js": "^9.39.3",
+503 -417
View File
File diff suppressed because it is too large Load Diff