mirror of
https://github.com/chatwoot/chatwoot.git
synced 2026-06-04 21:02:35 +08:00
2dee7457cd
- Fix CodeQL alerts by declaring read-only GITHUB_TOKEN scope at the workflow level. The codespace image publish workflow additionally needs packages: write to push to ghcr.io.
28 lines
616 B
YAML
28 lines
616 B
YAML
name: Publish Codespace Base Image
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
|
|
jobs:
|
|
publish-code-space-image:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@v1
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build the Codespace Base Image
|
|
run: |
|
|
docker compose -f .devcontainer/docker-compose.base.yml build base
|
|
docker push ghcr.io/chatwoot/chatwoot_codespace:latest
|