# ivuorinen/actions/docker-publish-gh ## Docker Publish to GitHub Packages ### Description Publishes a Docker image to GitHub Packages with advanced security and reliability features. ### Inputs | name | description | required | default | |-------------------------|----------------------------------------------------------------------------------|----------|---------------------------| | `image-name` |

The name of the Docker image to publish. Defaults to the repository name.

| `false` | `""` | | `tags` |

Comma-separated list of tags for the Docker image.

| `true` | `""` | | `platforms` |

Platforms to publish (comma-separated). Defaults to amd64 and arm64.

| `false` | `linux/amd64,linux/arm64` | | `registry` |

GitHub Container Registry URL

| `false` | `ghcr.io` | | `token` |

GitHub token with package write permissions

| `false` | `""` | | `provenance` |

Enable SLSA provenance generation

| `false` | `true` | | `sbom` |

Generate Software Bill of Materials

| `false` | `true` | | `max-retries` |

Maximum number of retry attempts for publishing

| `false` | `3` | | `retry-delay` |

Delay in seconds between retries

| `false` | `10` | | `buildx-version` |

Specific Docker Buildx version to use

| `false` | `latest` | | `cache-mode` |

Cache mode for build layers (min, max, or inline)

| `false` | `max` | | `auto-detect-platforms` |

Automatically detect and build for all available platforms

| `false` | `false` | | `scan-image` |

Scan published image for vulnerabilities

| `false` | `true` | | `sign-image` |

Sign the published image with cosign

| `false` | `true` | | `parallel-builds` |

Number of parallel platform builds (0 for auto)

| `false` | `0` | | `verbose` |

Enable verbose logging

| `false` | `false` | ### Outputs | name | description | |-------------------|-------------------------------------------| | `image-name` |

Full image name including registry

| | `digest` |

The digest of the published image

| | `tags` |

List of published tags

| | `provenance` |

SLSA provenance attestation

| | `sbom` |

SBOM document location

| | `scan-results` |

Vulnerability scan results

| | `platform-matrix` |

Build status per platform

| | `build-time` |

Total build time in seconds

| ### Runs This action is a `composite` action. ### Usage ```yaml - uses: ivuorinen/actions/docker-publish-gh@main with: image-name: # The name of the Docker image to publish. Defaults to the repository name. # # Required: false # Default: "" tags: # Comma-separated list of tags for the Docker image. # # Required: true # Default: "" platforms: # Platforms to publish (comma-separated). Defaults to amd64 and arm64. # # Required: false # Default: linux/amd64,linux/arm64 registry: # GitHub Container Registry URL # # Required: false # Default: ghcr.io token: # GitHub token with package write permissions # # Required: false # Default: "" provenance: # Enable SLSA provenance generation # # Required: false # Default: true sbom: # Generate Software Bill of Materials # # Required: false # Default: true max-retries: # Maximum number of retry attempts for publishing # # Required: false # Default: 3 retry-delay: # Delay in seconds between retries # # Required: false # Default: 10 buildx-version: # Specific Docker Buildx version to use # # Required: false # Default: latest cache-mode: # Cache mode for build layers (min, max, or inline) # # Required: false # Default: max auto-detect-platforms: # Automatically detect and build for all available platforms # # Required: false # Default: false scan-image: # Scan published image for vulnerabilities # # Required: false # Default: true sign-image: # Sign the published image with cosign # # Required: false # Default: true parallel-builds: # Number of parallel platform builds (0 for auto) # # Required: false # Default: 0 verbose: # Enable verbose logging # # Required: false # Default: false ```