name: Upload ArtifactHub Metadata on: schedule: - cron: '0 3 1 * *' workflow_dispatch: jobs: upload-metadata: name: "Upload artifacthub-repo.yml to OCI registry" runs-on: ubuntu-latest steps: - uses: actions/checkout@v6.0.2 - uses: sigstore/cosign-installer@v4.0.0 with: cosign-release: "v3.0.3" # renovate: datasource=github-tags depName=sigstore/cosign - uses: docker/login-action@v3.7.0 with: registry: git.cryptic.systems username: ${{ github.repository_owner }} password: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} - uses: docker/login-action@v3.7.0 with: username: ${{ secrets.DOCKER_IO_USERNAME }} password: ${{ secrets.DOCKER_IO_PASSWORD }} - uses: oras-project/setup-oras@v1.2.4 with: version: 1.3.0 # renovate: datasource=github-tags depName=oras-project/oras extractVersion='^v?(?.*)$' - name: Push artifacthub-repo.yml to git.cryptic.systems run: | oras push git.cryptic.systems/volker.raschek/dcmerge:artifacthub.io \ --config /dev/null:application/vnd.cncf.artifacthub.config.v1+yaml \ artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml - name: Push public cosign key to git.cryptic.systems env: COSIGN_PUBLIC_KEY: ${{ vars.COSIGN_PUBLIC_KEY }} run: | echo "${COSIGN_PUBLIC_KEY}" > cosign.pub oras push git.cryptic.systems/volker.raschek/dcmerge:cosign.pub \ --artifact-type application/vnd.dev.cosign.public-key.v1 \ cosign.pub:application/vnd.dev.cosign.public-key.v1 - name: Push artifacthub-repo.yml to docker.io run: | oras push docker.io/volkerraschek/dcmerge:artifacthub.io \ --config /dev/null:application/vnd.cncf.artifacthub.config.v1+yaml \ artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml - name: Push public cosign key to docker.io env: COSIGN_PUBLIC_KEY: ${{ vars.COSIGN_PUBLIC_KEY }} run: | echo "${COSIGN_PUBLIC_KEY}" > cosign.pub oras push docker.io/volkerraschek/dcmerge:cosign.pub \ --artifact-type application/vnd.dev.cosign.public-key.v1 \ cosign.pub:application/vnd.dev.cosign.public-key.v1