Skip to content
[Daily] Mirror Tooling Images to GHCR

[Daily] Mirror Tooling Images to GHCR #237

Sign in to view logs

[Daily] Mirror Tooling Images to GHCR

[Daily] Mirror Tooling Images to GHCR #237

Workflow file for this run

.github/workflows/mirror-tooling-images.yml at 599e0ac
name: "[Daily] Mirror Tooling Images to GHCR"
on:
schedule:
- cron: "0 3 * * *" # every day at 3 AM UTC
workflow_dispatch:
inputs:
ghcr_namespace:
description: "GHCR Namespace"
required: true
default: "ghcr.io/project-copacetic/copacetic"
env:
GHCR_NAMESPACE: ${{ github.event.inputs.ghcr_namespace || 'ghcr.io/project-copacetic/copacetic' }}
permissions:
contents: read
jobs:
mirror:
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
strategy:
matrix:
images:
- "mirror.gcr.io/debian:10-slim"
- "mirror.gcr.io/debian:11-slim"
- "mirror.gcr.io/debian:12-slim"
- "mirror.gcr.io/debian:stable-slim"
- "mirror.gcr.io/ubuntu:20.04"
- "mirror.gcr.io/ubuntu:22.04"
- "mcr.microsoft.com/azurelinux/base/core:3.0"
- "mcr.microsoft.com/cbl-mariner/base/core:2.0"
- "mcr.microsoft.com/cbl-mariner/base/core:1.0"
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4.2.2
- name: Install oras CLI
uses: oras-project/setup-oras@22ce207df3b08e061f537244349aac6ae1d214f6 # v1.2.4
- name: Login to GHCR
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | oras login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Mirror multi-platform tooling images
env:
SOURCE_IMAGE: ${{ matrix.images }}
run: |
if [[ "$SOURCE_IMAGE" == */* ]]; then
TARGET_IMAGE=$(echo "$SOURCE_IMAGE" | sed 's#^[^/]*/##')
else
TARGET_IMAGE="$SOURCE_IMAGE"
fi
echo "Mirroring: $SOURCE_IMAGE -> $GHCR_NAMESPACE/$TARGET_IMAGE"
oras cp --recursive "$SOURCE_IMAGE" "$GHCR_NAMESPACE/$TARGET_IMAGE"