From 33cd6f627c064ff44f168956bfc60f1d86e8109e Mon Sep 17 00:00:00 2001 From: Glenn Terjesen Date: Thu, 9 Apr 2026 16:27:14 +0200 Subject: [PATCH 1/4] feat: add resolve-image reusable workflow --- .github/README.md | 1 + .github/workflows/resolve-image.yml | 77 +++++++++++++++++++++++++++++ README-resolve-image.md | 51 +++++++++++++++++++ 3 files changed, 129 insertions(+) create mode 100644 .github/workflows/resolve-image.yml create mode 100644 README-resolve-image.md diff --git a/.github/README.md b/.github/README.md index bc4cf3d8..0b36f302 100644 --- a/.github/README.md +++ b/.github/README.md @@ -10,6 +10,7 @@ GitHub Actions for working with Docker - [Docker lint](../README-lint.md) - [Docker build](../README-build.md) - [Docker push](../README-push.md) +- [Docker resolve-image](../README-resolve-image.md) ## Golden Path diff --git a/.github/workflows/resolve-image.yml b/.github/workflows/resolve-image.yml new file mode 100644 index 00000000..77b7503f --- /dev/null +++ b/.github/workflows/resolve-image.yml @@ -0,0 +1,77 @@ +name: Entur/Docker/Resolve Image + +on: + workflow_call: + inputs: + image_name: + description: "Image name to resolve. Defaults to the repository name." + type: string + default: "repo_name" + outputs: + image: + description: "Resolved image name and tag (image_name:image_tag), empty if no image was built for the PR" + value: ${{ jobs.resolve-image.outputs.image }} + image_tag: + description: "Resolved image tag, empty if no image was built for the PR" + value: ${{ jobs.resolve-image.outputs.image_tag }} + pr_number: + description: "The PR number that was merged at the current commit" + value: ${{ jobs.resolve-image.outputs.pr_number }} + +jobs: + resolve-image: + name: Resolve Image + runs-on: ubuntu-24.04 + permissions: + contents: read + pull-requests: read + outputs: + image: ${{ steps.resolve.outputs.image }} + image_tag: ${{ steps.resolve.outputs.image_tag }} + pr_number: ${{ steps.resolve.outputs.pr_number }} + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + fetch-depth: 0 + fetch-tags: true + + - name: Resolve image from merged PR git tag + id: resolve + env: + GH_TOKEN: ${{ github.token }} + GHA_DOCKER_RESOLVE_IMAGE_NAME: ${{ inputs.image_name }} + run: | + # Determine image name (default to repo name) + if [ "$GHA_DOCKER_RESOLVE_IMAGE_NAME" = "repo_name" ]; then + GHA_DOCKER_RESOLVE_IMAGE_NAME="${GITHUB_REPOSITORY#*/}" + fi + + # Find the PR that was merged at this commit + PR_NUMBER=$(gh pr list --search "$GITHUB_SHA" --state merged --json number --jq '.[0].number') + if [ -z "$PR_NUMBER" ]; then + echo "::error::Could not find merged PR for commit $GITHUB_SHA" + exit 1 + fi + echo "pr_number=${PR_NUMBER}" >> "$GITHUB_OUTPUT" + + # Get the PR branch name and apply the same sanitisation as gha-docker push: + # truncate to 43 chars, strip trailing -, lowercase, replace /.- with - + BRANCH=$(gh pr view "$PR_NUMBER" --json headRefName --jq '.headRefName') + BRANCH=${BRANCH:0:43} + BRANCH=$(echo "$BRANCH" | sed s'/[-]$//') + BRANCH=$(echo "$BRANCH" | tr '[:upper:]' '[:lower:]' | tr -d '[ÆØÅæøå]') + BRANCH=${BRANCH//\//-} + BRANCH=${BRANCH//./-} + BRANCH=${BRANCH//!/-} + + # Find the most recent git tag for this branch (created by the docker push workflow). + # Tags follow the pattern: {branch}.{YYYYMMDD}-SHA{short_sha} + IMAGE_TAG=$(git tag -l "${BRANCH}.*" --sort=-creatordate | head -1) + if [ -z "$IMAGE_TAG" ]; then + echo "::warning::No git tag matching '${BRANCH}.*' (PR #${PR_NUMBER}) — no image was built for this PR, skipping deploy" + exit 0 + fi + + echo "Resolved image: ${GHA_DOCKER_RESOLVE_IMAGE_NAME}:${IMAGE_TAG} (from PR #${PR_NUMBER})" + echo "image=${GHA_DOCKER_RESOLVE_IMAGE_NAME}:${IMAGE_TAG}" >> "$GITHUB_OUTPUT" + echo "image_tag=${IMAGE_TAG}" >> "$GITHUB_OUTPUT" diff --git a/README-resolve-image.md b/README-resolve-image.md new file mode 100644 index 00000000..b6d19330 --- /dev/null +++ b/README-resolve-image.md @@ -0,0 +1,51 @@ +# `gha-docker/resolve-image` + +Resolves the Docker image that was built during a PR by looking up git tags created by the [push](README-push.md) workflow. Intended for use in CD workflows that run after a PR is merged to `main`. + +> [!TIP] +> This is useful for only building the docker image once in the CI/CD pipelines. + +When the push workflow builds and pushes a Docker image, it also creates a git tag with the image tag value (e.g. `my-branch.20260409-SHA1234567`). This workflow finds the merged PR for the current commit, reconstructs the sanitised branch name, and looks up the most recent matching git tag to resolve the exact image that was built. + +> [!NOTE] +> If no matching tag is found (e.g. docs-only changes), the workflow succeeds with empty `image` and `image_tag` outputs. Downstream deploy jobs can use this to skip deployment. + +## Usage + +Add the following step to your CD workflow: + +```yml +jobs: + resolve-image: + if: github.event_name == 'push' + uses: entur/gha-docker/.github/workflows/resolve-image.yml@v1 + + deploy: + needs: [resolve-image] + if: needs.resolve-image.outputs.image != '' + uses: entur/gha-helm/.github/workflows/deploy.yml@v1 + with: + image: ${{ needs.resolve-image.outputs.image }} +``` + +## Inputs + + + +| INPUT | TYPE | REQUIRED | DEFAULT | DESCRIPTION | +| -------------------------------------------------------------- | ------ | -------- | ------------- | ----------------------------------------------------------- | +| [image_name](#input_image_name) | string | false | `"repo_name"` | Image name to resolve. Defaults
to the repository name. | + + + +## Outputs + + + +| OUTPUT | VALUE | DESCRIPTION | +| ------------------------------------------------------------- | ----------------------------------------------- | --------------------------------------------------------------------------------------- | +| [image](#output_image) | `"${{ jobs.resolve-image.outputs.image }}"` | Resolved image name and tag
(image_name:image_tag), empty if no
image was built | +| [image_tag](#output_image_tag) | `"${{ jobs.resolve-image.outputs.image_tag }}"` | Resolved image tag, empty if
no image was built for
the PR | +| [pr_number](#output_pr_number) | `"${{ jobs.resolve-image.outputs.pr_number }}"` | The PR number that was
merged at the current commit | + + From 2b87c2d9ca857c238437b4baa98ded63669ec062 Mon Sep 17 00:00:00 2001 From: Glenn Terjesen Date: Thu, 16 Apr 2026 12:48:28 +0200 Subject: [PATCH 2/4] feat: add resolve-image and sanitize-ref composite actions Extract branch sanitization logic from push.yml into a shared sanitize-ref composite action. Implement resolve-image as a composite action instead of a reusable workflow for lighter integration into existing CD jobs. --- .github/README.md | 2 +- .github/actions/resolve-image/README.md | 50 +++++++++++++++ .github/actions/resolve-image/action.yml | 68 +++++++++++++++++++++ .github/actions/sanitize-ref/README.md | 22 +++++++ .github/actions/sanitize-ref/action.yml | 33 ++++++++++ .github/dependabot.yml | 2 + .github/workflows/push.yml | 25 +++++--- .github/workflows/resolve-image.yml | 77 ------------------------ README-resolve-image.md | 51 ---------------- 9 files changed, 191 insertions(+), 139 deletions(-) create mode 100644 .github/actions/resolve-image/README.md create mode 100644 .github/actions/resolve-image/action.yml create mode 100644 .github/actions/sanitize-ref/README.md create mode 100644 .github/actions/sanitize-ref/action.yml delete mode 100644 .github/workflows/resolve-image.yml delete mode 100644 README-resolve-image.md diff --git a/.github/README.md b/.github/README.md index 0b36f302..efb120ea 100644 --- a/.github/README.md +++ b/.github/README.md @@ -10,7 +10,7 @@ GitHub Actions for working with Docker - [Docker lint](../README-lint.md) - [Docker build](../README-build.md) - [Docker push](../README-push.md) -- [Docker resolve-image](../README-resolve-image.md) +- [Docker resolve-image](actions/resolve-image/README.md) ## Golden Path diff --git a/.github/actions/resolve-image/README.md b/.github/actions/resolve-image/README.md new file mode 100644 index 00000000..962a12ff --- /dev/null +++ b/.github/actions/resolve-image/README.md @@ -0,0 +1,50 @@ +# `gha-docker/resolve-image` + +Resolves the Docker image that was built during a PR by looking up git tags created by the [push](../../../README-push.md) workflow. Intended for use in CD workflows that run after a PR is merged to `main`. + +> [!TIP] +> This is useful for only building the docker image once in the CI/CD pipelines. + +When the push workflow builds and pushes a Docker image, it also creates a git tag with the image tag value (e.g. `my-branch.20260409-SHA1234567`). This action finds the merged PR for the current commit, reconstructs the sanitised branch name, and looks up the most recent matching git tag to resolve the exact image that was built. + +> [!NOTE] +> If no matching tag is found (e.g. docs-only changes), the action succeeds with empty `image` and `image_tag` outputs. Downstream deploy steps can use this to skip deployment. + +## Usage + +Add the action as a step in your CD workflow. Requires checkout with full history and tags. + +```yml +jobs: + deploy: + if: github.event_name == 'push' + runs-on: ubuntu-24.04 + permissions: + contents: read + pull-requests: read + steps: + - uses: actions/checkout@v6 + with: + fetch-depth: 0 + fetch-tags: true + + - uses: entur/gha-docker/.github/actions/resolve-image@v1 + id: resolve-image + + - if: steps.resolve-image.outputs.image != '' + run: echo "Deploying ${{ steps.resolve-image.outputs.image }}" +``` + +## Inputs + +| INPUT | TYPE | REQUIRED | DEFAULT | DESCRIPTION | +| ------------ | ------ | -------- | ------------- | ------------------------------------------------------- | +| `image_name` | string | false | `"repo_name"` | Image name to resolve. Defaults to the repository name. | + +## Outputs + +| OUTPUT | DESCRIPTION | +| ----------- | -------------------------------------------------------------------------------------------- | +| `image` | Resolved image name and tag (`image_name:image_tag`), empty if no image was built for the PR | +| `image_tag` | Resolved image tag, empty if no image was built for the PR | +| `pr_number` | The PR number that was merged at the current commit | diff --git a/.github/actions/resolve-image/action.yml b/.github/actions/resolve-image/action.yml new file mode 100644 index 00000000..8eccce53 --- /dev/null +++ b/.github/actions/resolve-image/action.yml @@ -0,0 +1,68 @@ +name: Resolve Image +description: > + Resolve the Docker image name and tag for a merged PR by looking up + the git tag created by the Docker push workflow. Requires the repository + to be checked out with fetch-depth: 0 and fetch-tags: true. + +inputs: + image_name: + description: "Image name to resolve. Defaults to the repository name." + default: "repo_name" + +outputs: + image: + description: "Resolved image name and tag (image_name:image_tag), empty if no image was built for the PR" + value: ${{ steps.resolve.outputs.image }} + image_tag: + description: "Resolved image tag, empty if no image was built for the PR" + value: ${{ steps.resolve.outputs.image_tag }} + pr_number: + description: "The PR number that was merged at the current commit" + value: ${{ steps.find-pr.outputs.pr_number }} + +runs: + using: composite + steps: + - name: Find merged PR + id: find-pr + shell: bash + env: + GH_TOKEN: ${{ github.token }} + run: | + PR_NUMBER=$(gh pr list --search "$GITHUB_SHA" --state merged --json number --jq '.[0].number') + if [ -z "$PR_NUMBER" ]; then + echo "::error::Could not find merged PR for commit $GITHUB_SHA" + exit 1 + fi + echo "pr_number=${PR_NUMBER}" >> "$GITHUB_OUTPUT" + + BRANCH=$(gh pr view "$PR_NUMBER" --json headRefName --jq '.headRefName') + echo "branch=${BRANCH}" >> "$GITHUB_OUTPUT" + + - name: Sanitize branch name + id: sanitize + uses: ./.github/actions/sanitize-ref + with: + ref: ${{ steps.find-pr.outputs.branch }} + + - name: Resolve image from git tag + id: resolve + shell: bash + env: + IMAGE_NAME: ${{ inputs.image_name }} + BRANCH: ${{ steps.sanitize.outputs.ref }} + PR_NUMBER: ${{ steps.find-pr.outputs.pr_number }} + run: | + if [ "$IMAGE_NAME" = "repo_name" ]; then + IMAGE_NAME="${GITHUB_REPOSITORY#*/}" + fi + + IMAGE_TAG=$(git tag -l "${BRANCH}.*" --sort=-creatordate | head -1) + if [ -z "$IMAGE_TAG" ]; then + echo "::warning::No git tag matching '${BRANCH}.*' (PR #${PR_NUMBER}) — no image was built for this PR, skipping deploy" + exit 0 + fi + + echo "Resolved image: ${IMAGE_NAME}:${IMAGE_TAG} (from PR #${PR_NUMBER})" + echo "image=${IMAGE_NAME}:${IMAGE_TAG}" >> "$GITHUB_OUTPUT" + echo "image_tag=${IMAGE_TAG}" >> "$GITHUB_OUTPUT" diff --git a/.github/actions/sanitize-ref/README.md b/.github/actions/sanitize-ref/README.md new file mode 100644 index 00000000..eb0d9d84 --- /dev/null +++ b/.github/actions/sanitize-ref/README.md @@ -0,0 +1,22 @@ +# `gha-docker/sanitize-ref` + +Sanitizes a git ref name for use in Docker image tags. Used internally by the [push](../../../README-push.md) workflow and [resolve-image](../resolve-image/README.md) action to ensure consistent branch name handling. + +## Sanitization rules + +1. Truncate to 43 characters (reserves space for `.YYYYMMDD-SHA1234567` suffix) +2. Remove trailing `-` +3. Lowercase and remove Norwegian characters (`ÆØÅæøå`) +4. Replace `/`, `.`, `!` with `-` + +## Inputs + +| INPUT | TYPE | REQUIRED | DESCRIPTION | +| ----- | ------ | -------- | ------------------------ | +| `ref` | string | true | Git ref name to sanitize | + +## Outputs + +| OUTPUT | DESCRIPTION | +| ------ | ------------------ | +| `ref` | Sanitized ref name | diff --git a/.github/actions/sanitize-ref/action.yml b/.github/actions/sanitize-ref/action.yml new file mode 100644 index 00000000..49772f05 --- /dev/null +++ b/.github/actions/sanitize-ref/action.yml @@ -0,0 +1,33 @@ +name: Sanitize Ref +description: > + Sanitize a git ref name for use in Docker image tags. + Truncates to 43 chars, lowercases, removes Norwegian characters, + and replaces /, ., ! with hyphens. + +inputs: + ref: + description: "Git ref name to sanitize" + required: true + +outputs: + ref: + description: "Sanitized ref name" + value: ${{ steps.sanitize.outputs.ref }} + +runs: + using: composite + steps: + - name: Sanitize ref + id: sanitize + shell: bash + env: + RAW_REF: ${{ inputs.ref }} + run: | + REF="${RAW_REF}" + REF=${REF:0:43} # truncate to max_len - len(.YYYYMMDD-SHA1234567) + REF=$(echo "$REF" | sed 's/[-]$//') # remove trailing - + REF=$(echo "$REF" | tr '[:upper:]' '[:lower:]' | tr -d '[ÆØÅæøå]') # to ASCII lower case + REF=${REF//\//-} # replace / with - + REF=${REF//./-} # replace . with - + REF=${REF//!/-} # replace ! with - + echo "ref=${REF}" >> "$GITHUB_OUTPUT" diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 671fd364..a5bf2cfe 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,6 +8,7 @@ updates: - ".github/workflows/build.yml" - ".github/workflows/lint.yml" - ".github/workflows/push.yml" + - ".github/actions" groups: minor-and-patch: applies-to: version-updates @@ -25,6 +26,7 @@ updates: - "/.github/workflows/build.yml" - "/.github/workflows/lint.yml" - "/.github/workflows/push.yml" + - "/.github/actions/resolve-image" groups: minor-and-patch: applies-to: version-updates diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 6885e19e..9a56661a 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -84,19 +84,24 @@ jobs: shell: bash run: | echo "GHA_DOCKER_PUSH_DATE=$(date +'%Y%m%d')" >> $GITHUB_ENV - # Convert ref name to a valid git & docker tag name if [[ "${GITHUB_EVENT_NAME}" = "pull_request" ]]; then - BRANCH_NAME=${GITHUB_HEAD_REF} + echo "ref=${GITHUB_HEAD_REF}" >> "$GITHUB_OUTPUT" else - BRANCH_NAME=${GITHUB_REF_NAME} + echo "ref=${GITHUB_REF_NAME}" >> "$GITHUB_OUTPUT" fi - BRANCH_NAME=${BRANCH_NAME:0:43} # truncate to max_len - len(.YYYYMMDD-SHA1234567) - BRANCH_NAME=$(echo "$BRANCH_NAME" | sed s'/[-]$//') # remove trailing - - BRANCH_NAME=$(echo "$BRANCH_NAME" | tr '[:upper:]' '[:lower:]' | tr -d '[ÆØÅæøå]') # to ASCII lower case - BRANCH_NAME=${BRANCH_NAME//\//-} # replace / with - - BRANCH_NAME=${BRANCH_NAME//./-} # replace . with - - BRANCH_NAME=${BRANCH_NAME//!/-} # replace ! with - - echo "GHA_DOCKER_PUSH_BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV + + - name: Sanitize branch name + id: sanitize-branch + uses: ./.github/actions/sanitize-ref + with: + ref: ${{ steps.set-env.outputs.ref }} + + - name: Set sanitized branch name + id: set-branch + shell: bash + env: + SANITIZED_REF: ${{ steps.sanitize-branch.outputs.ref }} + run: echo "GHA_DOCKER_PUSH_BRANCH_NAME=${SANITIZED_REF}" >> $GITHUB_ENV - if: env.GHA_DOCKER_PUSH_IMAGE_NAME == 'repo_name' name: Set image artifact name diff --git a/.github/workflows/resolve-image.yml b/.github/workflows/resolve-image.yml deleted file mode 100644 index 77b7503f..00000000 --- a/.github/workflows/resolve-image.yml +++ /dev/null @@ -1,77 +0,0 @@ -name: Entur/Docker/Resolve Image - -on: - workflow_call: - inputs: - image_name: - description: "Image name to resolve. Defaults to the repository name." - type: string - default: "repo_name" - outputs: - image: - description: "Resolved image name and tag (image_name:image_tag), empty if no image was built for the PR" - value: ${{ jobs.resolve-image.outputs.image }} - image_tag: - description: "Resolved image tag, empty if no image was built for the PR" - value: ${{ jobs.resolve-image.outputs.image_tag }} - pr_number: - description: "The PR number that was merged at the current commit" - value: ${{ jobs.resolve-image.outputs.pr_number }} - -jobs: - resolve-image: - name: Resolve Image - runs-on: ubuntu-24.04 - permissions: - contents: read - pull-requests: read - outputs: - image: ${{ steps.resolve.outputs.image }} - image_tag: ${{ steps.resolve.outputs.image_tag }} - pr_number: ${{ steps.resolve.outputs.pr_number }} - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - fetch-depth: 0 - fetch-tags: true - - - name: Resolve image from merged PR git tag - id: resolve - env: - GH_TOKEN: ${{ github.token }} - GHA_DOCKER_RESOLVE_IMAGE_NAME: ${{ inputs.image_name }} - run: | - # Determine image name (default to repo name) - if [ "$GHA_DOCKER_RESOLVE_IMAGE_NAME" = "repo_name" ]; then - GHA_DOCKER_RESOLVE_IMAGE_NAME="${GITHUB_REPOSITORY#*/}" - fi - - # Find the PR that was merged at this commit - PR_NUMBER=$(gh pr list --search "$GITHUB_SHA" --state merged --json number --jq '.[0].number') - if [ -z "$PR_NUMBER" ]; then - echo "::error::Could not find merged PR for commit $GITHUB_SHA" - exit 1 - fi - echo "pr_number=${PR_NUMBER}" >> "$GITHUB_OUTPUT" - - # Get the PR branch name and apply the same sanitisation as gha-docker push: - # truncate to 43 chars, strip trailing -, lowercase, replace /.- with - - BRANCH=$(gh pr view "$PR_NUMBER" --json headRefName --jq '.headRefName') - BRANCH=${BRANCH:0:43} - BRANCH=$(echo "$BRANCH" | sed s'/[-]$//') - BRANCH=$(echo "$BRANCH" | tr '[:upper:]' '[:lower:]' | tr -d '[ÆØÅæøå]') - BRANCH=${BRANCH//\//-} - BRANCH=${BRANCH//./-} - BRANCH=${BRANCH//!/-} - - # Find the most recent git tag for this branch (created by the docker push workflow). - # Tags follow the pattern: {branch}.{YYYYMMDD}-SHA{short_sha} - IMAGE_TAG=$(git tag -l "${BRANCH}.*" --sort=-creatordate | head -1) - if [ -z "$IMAGE_TAG" ]; then - echo "::warning::No git tag matching '${BRANCH}.*' (PR #${PR_NUMBER}) — no image was built for this PR, skipping deploy" - exit 0 - fi - - echo "Resolved image: ${GHA_DOCKER_RESOLVE_IMAGE_NAME}:${IMAGE_TAG} (from PR #${PR_NUMBER})" - echo "image=${GHA_DOCKER_RESOLVE_IMAGE_NAME}:${IMAGE_TAG}" >> "$GITHUB_OUTPUT" - echo "image_tag=${IMAGE_TAG}" >> "$GITHUB_OUTPUT" diff --git a/README-resolve-image.md b/README-resolve-image.md deleted file mode 100644 index b6d19330..00000000 --- a/README-resolve-image.md +++ /dev/null @@ -1,51 +0,0 @@ -# `gha-docker/resolve-image` - -Resolves the Docker image that was built during a PR by looking up git tags created by the [push](README-push.md) workflow. Intended for use in CD workflows that run after a PR is merged to `main`. - -> [!TIP] -> This is useful for only building the docker image once in the CI/CD pipelines. - -When the push workflow builds and pushes a Docker image, it also creates a git tag with the image tag value (e.g. `my-branch.20260409-SHA1234567`). This workflow finds the merged PR for the current commit, reconstructs the sanitised branch name, and looks up the most recent matching git tag to resolve the exact image that was built. - -> [!NOTE] -> If no matching tag is found (e.g. docs-only changes), the workflow succeeds with empty `image` and `image_tag` outputs. Downstream deploy jobs can use this to skip deployment. - -## Usage - -Add the following step to your CD workflow: - -```yml -jobs: - resolve-image: - if: github.event_name == 'push' - uses: entur/gha-docker/.github/workflows/resolve-image.yml@v1 - - deploy: - needs: [resolve-image] - if: needs.resolve-image.outputs.image != '' - uses: entur/gha-helm/.github/workflows/deploy.yml@v1 - with: - image: ${{ needs.resolve-image.outputs.image }} -``` - -## Inputs - - - -| INPUT | TYPE | REQUIRED | DEFAULT | DESCRIPTION | -| -------------------------------------------------------------- | ------ | -------- | ------------- | ----------------------------------------------------------- | -| [image_name](#input_image_name) | string | false | `"repo_name"` | Image name to resolve. Defaults
to the repository name. | - - - -## Outputs - - - -| OUTPUT | VALUE | DESCRIPTION | -| ------------------------------------------------------------- | ----------------------------------------------- | --------------------------------------------------------------------------------------- | -| [image](#output_image) | `"${{ jobs.resolve-image.outputs.image }}"` | Resolved image name and tag
(image_name:image_tag), empty if no
image was built | -| [image_tag](#output_image_tag) | `"${{ jobs.resolve-image.outputs.image_tag }}"` | Resolved image tag, empty if
no image was built for
the PR | -| [pr_number](#output_pr_number) | `"${{ jobs.resolve-image.outputs.pr_number }}"` | The PR number that was
merged at the current commit | - - From d92b9cc722d500090644216ce2b376242004cfdf Mon Sep 17 00:00:00 2001 From: Glenn Terjesen Date: Thu, 16 Apr 2026 12:56:44 +0200 Subject: [PATCH 3/4] fix: refer to use github ref instead of ./github/actions --- .github/actions/resolve-image/action.yml | 2 +- .github/workflows/push.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/resolve-image/action.yml b/.github/actions/resolve-image/action.yml index 8eccce53..0ec9849b 100644 --- a/.github/actions/resolve-image/action.yml +++ b/.github/actions/resolve-image/action.yml @@ -41,7 +41,7 @@ runs: - name: Sanitize branch name id: sanitize - uses: ./.github/actions/sanitize-ref + uses: entur/gha-docker/.github/actions/sanitize-ref@CLOUD-4144/resolve-image # TODO: switch to @v1 after testing with: ref: ${{ steps.find-pr.outputs.branch }} diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 9a56661a..dd6d76dc 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -92,7 +92,7 @@ jobs: - name: Sanitize branch name id: sanitize-branch - uses: ./.github/actions/sanitize-ref + uses: entur/gha-docker/.github/actions/sanitize-ref@CLOUD-4144/resolve-image # TODO: switch to @v1 after testing with: ref: ${{ steps.set-env.outputs.ref }} From 43cbf5c1412627f29a4694080a6851f98d23ee78 Mon Sep 17 00:00:00 2001 From: Glenn Terjesen Date: Mon, 20 Apr 2026 14:31:42 +0200 Subject: [PATCH 4/4] fix: refer to @v1 [skip ci] --- .github/actions/resolve-image/action.yml | 2 +- .github/workflows/push.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/resolve-image/action.yml b/.github/actions/resolve-image/action.yml index 0ec9849b..bd6f13bb 100644 --- a/.github/actions/resolve-image/action.yml +++ b/.github/actions/resolve-image/action.yml @@ -41,7 +41,7 @@ runs: - name: Sanitize branch name id: sanitize - uses: entur/gha-docker/.github/actions/sanitize-ref@CLOUD-4144/resolve-image # TODO: switch to @v1 after testing + uses: entur/gha-docker/.github/actions/sanitize-ref@v1 with: ref: ${{ steps.find-pr.outputs.branch }} diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index dd6d76dc..c478592e 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -92,7 +92,7 @@ jobs: - name: Sanitize branch name id: sanitize-branch - uses: entur/gha-docker/.github/actions/sanitize-ref@CLOUD-4144/resolve-image # TODO: switch to @v1 after testing + uses: entur/gha-docker/.github/actions/sanitize-ref@v1 with: ref: ${{ steps.set-env.outputs.ref }}