From 2f4649ef385be29058917aee01518ba2ba6d1a60 Mon Sep 17 00:00:00 2001 From: Preethi Date: Sat, 18 Jan 2025 01:25:51 +0530 Subject: [PATCH] Restrict openfl_container_image_workflow on approved branches (#1280) * Update openfl-docker-build.yml * Update openfl-docker-build.yml * Update openfl-docker-build.yml --- .github/workflows/openfl-docker-build.yml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/openfl-docker-build.yml b/.github/workflows/openfl-docker-build.yml index ae19d6b37e..620375d94a 100644 --- a/.github/workflows/openfl-docker-build.yml +++ b/.github/workflows/openfl-docker-build.yml @@ -13,7 +13,10 @@ on: default: 'latest' env: - VERSION: ${{ github.ref == 'refs/heads/develop' && 'latest' || '1.7' }} + DEFAULT_VERSION: ${{ + github.ref == 'refs/heads/develop' && 'latest' || + github.ref == 'refs/heads/v1.7.x' && '1.7' || + 'fail' }} permissions: contents: read @@ -24,6 +27,12 @@ jobs: runs-on: ubuntu-latest steps: + - name: Fail if invalid branch + if: env.DEFAULT_VERSION == 'fail' + run: | + echo "Invalid branch. The workflow only supports 'develop' or 'v1.7.x'." + exit 1 + - name: Checkout code uses: actions/checkout@v3 @@ -36,6 +45,9 @@ jobs: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + + - name: Determine Image Tag + run: echo "IMAGE_TAG=${{ github.event.inputs.version || env.DEFAULT_VERSION }}" >> $GITHUB_ENV - name: Build and Push OpenFL Base Image uses: docker/build-push-action@v4 @@ -44,4 +56,4 @@ jobs: file: openfl-docker/Dockerfile.base push: true tags: | - ghcr.io/${{ github.repository }}/openfl:${{ github.event.inputs.version || 'latest' }} + ghcr.io/${{ github.repository }}/openfl:${{ env.IMAGE_TAG }}