| pull_request: | ||
| branches: ["main"] | ||
| schedule: | ||
| - cron: "0 0 * * 0" |
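Review bot: The `cron: "0 0 * * 0"` entry has no comment saying why the workflow runs weekly. Add a YAML comment above `schedule:` stating that the run rebuilds the image to pick up base image updates, and confirm that deploying on `schedule` events is intended, since an unattended weekly run would then also redeploy to the server.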
To update the underlying base container. It's good to keep the base image updated.
Pull request overview
This PR transforms the CI workflow from a simple container build process into a comprehensive build-push-deploy pipeline with multi-architecture support, automated deployments, and scheduled weekly runs.
- Adds Docker image building and pushing to both Docker Hub and GitHub Container Registry (GHCR)
- Implements automated SSH-based deployment to a remote server
- Includes weekly scheduled workflow runs and automated cleanup of old container images
| - name: Delete old container images | ||
| uses: actions/delete-package-versions@v5 | ||
| with: | ||
| package-name: hello | ||
| package-type: container | ||
| min-versions-to-keep: 10 | ||
| delete-only-untagged-versions: true |
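Review bot: `delete-only-untagged-versions: true` is risky for a multi-architecture image. On GHCR the per-platform manifests behind a tagged multi-arch index show up as untagged versions, so this step can delete manifests that a kept tag still references and leave that tag unpullable. `min-versions-to-keep: 10` only holds back the newest ten versions from deletion. Consider a cleanup that resolves manifest lists before deleting, or verify after a cleanup run that older tags still pull on every platform.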
The "Delete old container images" step is missing the if: github.event_name != 'pull_request' condition. Like the Deploy step, this cleanup action should only run for push and schedule events, not for pull requests where no images are pushed.
| script_stop: true | ||
| script: | | ||
| cd /opt/hello | ||
| docker login ghcr.io -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} |
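Review bot: On the `docker login` line, `-p ${{ secrets.GITHUB_TOKEN }}` puts the token on the command line of the remote host, where it is visible in the process list while the command runs; Docker itself warns against `-p` for this reason. Pipe the token in with `--password-stdin` instead, and add `docker logout ghcr.io` at the end of the script so the credential is not left in the remote user's Docker config.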
The GitHub token used in the remote deployment script may not work. The ${{ secrets.GITHUB_TOKEN }} is a workflow-scoped token that typically expires after the workflow completes, and it may not be accessible from within the SSH session. Consider using a Personal Access Token (PAT) or GitHub App token stored as a secret instead.
No description provided.