prometheus-operator/.github/workflows/publish.yaml

name: publish
on:
  workflow_dispatch:
  push:
    branches:
      - 'release-*'
      - 'master'
      - 'main'
    tags:
      - 'v*'
      - '!pkg*'

jobs:
  publish:
    runs-on: ubuntu-latest
    name: Publish container images
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Import environment variables from file
        run: cat ".github/env" >> $GITHUB_ENV
      - name: Install Go
        uses: actions/setup-go@v3
        with:
          go-version: '${{ env.golang-version }}'
      - name: Install cosign
        uses: sigstore/cosign-installer@main
      - name: Check the Docker version
        run: docker version
      - name: Check the cosign version
        run: cosign version
      - name: Install crane
        uses: imjasonh/setup-crane@v0.3
      - name: Login to quay.io
        uses: docker/login-action@v2
        with:
          registry: quay.io
          username: ${{ secrets.quay_username }}
          password: ${{ secrets.quay_password }}
      - name: Login to ghcr.io
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Cosign login
        run: |
          echo "${{ secrets.GITHUB_TOKEN }}" | cosign login -u ${{ github.repository_owner }} --password-stdin ghcr.io
          echo "${{ secrets.quay_password }}" | cosign login -u ${{ secrets.quay_username }} --password-stdin quay.io
      - name: Build images and push
        run: ./scripts/push-docker-image.sh