chore(workflows): update Docker build action to v5 and add caching

Updated the Docker build action to version 5 for improved functionality and added caching support for better performance. The cosign signing process now includes the image digest dynamically retrieved from the build step output.
obeone · Mar 7, 2024 · b6e5b27 · b6e5b27
1 parent 9391e6b
commit b6e5b27
Showing 1 changed file with 7 additions and 5 deletions.
diff --git a/.github/workflows/build-and-publish.yaml b/.github/workflows/build-and-publish.yaml
@@ -33,24 +33,26 @@ jobs:
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Build and push to GHCR and Docker Hub
-        uses: docker/build-push-action@v2
+        id: build-and-push
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ./Dockerfile
           push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
           tags: |
             ghcr.io/obeone/crawler-to-md:latest
             docker.io/obeoneorg/crawler-to-md:latest
           platforms: linux/amd64,linux/arm64,linux/i386,linux/armhf,linux/armel
 
       - name: Set up cosign
         uses: sigstore/cosign-installer@main
-        with:
-          cosign-release: 'v1.5.2'
 
       - name: Sign the container image with cosign
         run: |
-          cosign sign ghcr.io/obeone/crawler-to-md:latest
-          cosign sign docker.io/obeoneorg/crawler-to-md:latest
+          cosign sign --yes ghcr.io/obeone/crawler-to-md@${DIGEST}
+          cosign sign --yes docker.io/obeoneorg/crawler-to-md@${DIGEST}
         env:
           COSIGN_EXPERIMENTAL: true
+          DIGEST: ${{ steps.build-and-push.outputs.digest }}