name: ZITADEL Release tags on: push: branches: - "main" paths: - 'release-channels.yaml' workflow_dispatch: permissions: contents: write packages: write jobs: Build: runs-on: ubuntu-20.04 env: DOCKER_BUILDKIT: 1 steps: - name: Source checkout uses: actions/checkout@v3 with: fetch-depth: 0 - name: get stable tag run: echo STABLE_RELEASE=$(yq eval '.stable' release-channels.yaml) >> $GITHUB_ENV - name: checkout stable tag uses: actions/checkout@v3 with: fetch-depth: 0 ref: ${{ env.STABLE_RELEASE }} - name: GitHub Container Registry Login uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - uses: tibdex/github-app-token@v1 id: generate-token with: app_id: ${{ secrets.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - name: Google Artifact Registry Login uses: docker/login-action@v2 with: registry: europe-docker.pkg.dev username: _json_key_base64 password: ${{ secrets.GCR_JSON_KEY_BASE64 }} - name: copy release to stable run: | skopeo --version skopeo copy --all docker://ghcr.io/zitadel/zitadel:$STABLE_RELEASE docker://ghcr.io/zitadel/zitadel:stable