GITHUB_SECRECTS must be set using Github > Repository > Settings to run Github Actions:
Docker:
DOCKER_HUB_USERNAME
DOCKER_HUB_PASSWORD
Signing with cosign:
COSIGN_KEY
COSIGN_PASSWORD
Docker images are uploaded to Dockerhub via docker-compose (using .env files).
To push to a different repository, both files, .env and .env.test should point to the new Dockerhub repository: DOCKERHUBNAME
The container signing action uses COSIGN_KEY
and COSIGN_PASSWORD
. Therefore, the public key to check signature has to be stored in .github/workflows/cosign.bup.
Anybody can verify the images on dockerhub by using cosing, e.g.:
cosign verify --key .github/workflows/cosign.pub rainan/blazorserviceguessmyui:latest
Currently, the push destination (Dockerhub repository) is hardcoded in "publish-actions". To access other repos, these Github Actions must be modified!
npm install @opentelemetry/node --save
npm install @opentelemetry/plugin-http --save
npm install @opentelemetry/plugin-express --save