82
82
83
83
# Build and push Docker image with Buildx (don't push on PR)
84
84
# https://github.com/docker/build-push-action
85
- - name : Build and push Docker image
85
+ - name : Build Docker image
86
86
id : build-and-push
87
87
uses : docker/build-push-action@v5
88
88
with :
@@ -92,22 +92,44 @@ jobs:
92
92
PARTMAN_VERSION=${{ matrix.partman_version }}
93
93
PARTMAN_CHECKSUM=${{ matrix.partman_checksum }}
94
94
platforms : linux/amd64,linux/arm64
95
- push : ${{ github.event_name != 'pull_request' }}
95
+ push : false
96
96
tags : ${{ steps.meta.outputs.tags }}
97
97
labels : ${{ steps.meta.outputs.labels }}
98
+ load : true
98
99
cache-from : type=gha
99
100
cache-to : type=gha,mode=max
100
101
102
+ - name : Smoke Test - Start and Check Database
103
+ run : |
104
+ docker run -d --name postgres-test -e POSTGRES_PASSWORD=mysecretpassword ${{env.REGISTRY}}/${{env.IMAGE_NAME}}:${{ matrix.postgres_version }}-${{ matrix.major }}
105
+ sleep 10
106
+ docker exec postgres-test pg_isready -U postgres
107
+ docker stop postgres-test
108
+ docker rm postgres-test
101
109
110
+ - name : Push Docker Image
111
+ if : ${{ success() && github.event_name != 'pull_request' }}
112
+ uses : docker/build-push-action@v5
113
+ with :
114
+ context : .
115
+ build-args : |
116
+ POSTGRESQL_VERSION=${{ matrix.postgres_version }}
117
+ PARTMAN_VERSION=${{ matrix.partman_version }}
118
+ PARTMAN_CHECKSUM=${{ matrix.partman_checksum }}
119
+ platforms : linux/amd64,linux/arm64
120
+ push : true
121
+ tags : ${{ steps.meta.outputs.tags }}
122
+ labels : ${{ steps.meta.outputs.labels }}
123
+ cache-from : type=gha
124
+ cache-to : type=gha,mode=max
125
+
102
126
# Sign the resulting Docker image digest except on PRs.
103
127
# This will only write to the public Rekor transparency log when the Docker
104
128
# repository is public to avoid leaking data. If you would like to publish
105
129
# transparency data ev en for private images, pass --force to cosign below.
106
130
# https://github.com/sigstore/cosign
107
131
- name : Sign the published Docker image
108
- if : ${{ github.event_name != 'pull_request' }}
132
+ if : ${{ success() && github.event_name != 'pull_request' }}
109
133
env :
110
134
COSIGN_EXPERIMENTAL : " true"
111
- # This step uses the identity token to provision an ephemeral certificate
112
- # against the sigstore community Fulcio instance.
113
- run : echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign -y {}@${{ steps.build-and-push.outputs.digest }}
135
+ run : echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign -y {}@${{ steps.build.outputs.digest }}
0 commit comments