kata-containers/.github/workflows/create-auth-registry-image.yaml

name: Create authenticated registry test image

on:
  workflow_dispatch:

concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

permissions: {}

env:
  REGISTRY: quay.io
  IMAGE_NAME: kata-containers/confidential-containers-auth

jobs:
  build-and-push:
    name: Build and push multi-arch authenticated test image
    runs-on: ubuntu-24.04
    steps:
      - name: Set up QEMU
        uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0

      - name: Login to Quay.io
        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ vars.AUTHENTICATED_IMAGE_USER }}
          password: ${{ secrets.AUTHENTICATED_IMAGE_PASSWORD }}

      - name: Build and push multi-arch image
        run: |
          echo 'FROM busybox:latest' | \
            docker buildx build \
              --platform linux/amd64,linux/s390x,linux/arm64 \
              --tag "${REGISTRY}/${IMAGE_NAME}:test" \
              --push \
              -