mirror of
https://github.com/microsoft/playwright-mcp.git
synced 2025-07-25 07:52:27 +08:00
f5b68dc590
This tags the images we publish as EOL immediately in order to get excluded from the image scanning. Like we do upstream in microsoft/playwright.
71 lines
2.6 KiB
YAML
71 lines
2.6 KiB
YAML
name: Publish
|
|
on:
|
|
release:
|
|
types: [published]
|
|
jobs:
|
|
publish-npm:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
id-token: write # Needed for npm provenance
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 18
|
|
registry-url: https://registry.npmjs.org/
|
|
- run: npm ci
|
|
- run: npx playwright install --with-deps
|
|
- run: npm run build
|
|
- run: npm run lint
|
|
- run: npm run ctest
|
|
- run: npm publish --provenance
|
|
env:
|
|
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
|
|
publish-docker:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
id-token: write # Needed for OIDC login to Azure
|
|
environment: allow-publishing-docker-to-acr
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Set up QEMU # Needed for multi-platform builds (e.g., arm64 on amd64 runner)
|
|
uses: docker/setup-qemu-action@v3
|
|
- name: Set up Docker Buildx # Needed for multi-platform builds
|
|
uses: docker/setup-buildx-action@v3
|
|
- name: Azure Login via OIDC
|
|
uses: azure/login@v2
|
|
with:
|
|
client-id: ${{ secrets.AZURE_DOCKER_CLIENT_ID }}
|
|
tenant-id: ${{ secrets.AZURE_DOCKER_TENANT_ID }}
|
|
subscription-id: ${{ secrets.AZURE_DOCKER_SUBSCRIPTION_ID }}
|
|
- name: Login to ACR
|
|
run: az acr login --name playwright
|
|
- name: Build and push Docker image
|
|
id: build-push
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: .
|
|
file: ./Dockerfile # Adjust path if your Dockerfile is elsewhere
|
|
platforms: linux/amd64,linux/arm64
|
|
push: true
|
|
tags: |
|
|
playwright.azurecr.io/public/playwright/mcp:${{ github.event.release.tag_name }}
|
|
playwright.azurecr.io/public/playwright/mcp:latest
|
|
- uses: oras-project/setup-oras@v1
|
|
- name: Set oras tags
|
|
run: |
|
|
attach_eol_manifest() {
|
|
local image="$1"
|
|
local today=$(date -u +'%Y-%m-%d')
|
|
# oras is re-using Docker credentials, so we don't need to login.
|
|
# Following the advice in https://portal.microsofticm.com/imp/v3/incidents/incident/476783820/summary
|
|
oras attach --artifact-type application/vnd.microsoft.artifact.lifecycle --annotation "vnd.microsoft.artifact.lifecycle.end-of-life.date=$today" $image
|
|
}
|
|
# for each tag, attach the eol manifest
|
|
for tag in $(echo ${{ steps.build-push.outputs.metadata['image.name'] }} | tr ',' '\n'); do
|
|
attach_eol_manifest $tag
|
|
done
|