docker setup #1

	name: DockerBuild
	on:
	push:
	branches: [main]

	permissions:
	id-token: write
	contents: read
	attestations: write
	packages: write

	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository }}

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	-
	name: Checkout repository
	uses: actions/checkout@v4
	-
	name: Login to registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ github.token }}
	-
	name: Extract metadata (tags, labels) for Docker
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
	-
	name: Build and push
	id: push
	uses: docker/build-push-action@v6
	with:
	context: .
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	target: app
	-
	name: Generate artifact attestation
	uses: actions/attest-build-provenance@v1
	with:
	subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
	subject-digest: ${{ steps.push.outputs.digest }}
	push-to-registry: true

Provide feedback