chore(deps): update actions/checkout action to v3

.github/workflows/pr.yml

@@ -6,8 +6,8 @@ jobs:
     runs-on: ubuntu-latest
     name: Verify commit messages
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Run commitsar
-        uses: docker://aevea/commitsar@sha256:b77adebc0437d4f2bfdf9205a39003e88acbc77a9176fd086b386207a5f3f5cb
+        uses: docker://aevea/commitsar@sha256:27ea5e528b153393e924d98764d6400a181f03768d972ba151b3ddc9f14ff12c

.github/workflows/push.yml

@@ -11,7 +11,7 @@ jobs:
       - name: GitHub Package Registry
         uses: aevea/action-kaniko@master
         with:
-          registry: docker.pkg.github.com
+          registry: ghcr.io
           password: ${{ secrets.GITHUB_TOKEN }}
           image: kaniko
           cache: true

.github/workflows/release.yml

@@ -10,19 +10,19 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
       - name: Release Notary Action
-        uses: docker://aevea/release-notary@sha256:8b26ced466da96b23a947d5c9e58baac22ee1192fd08200011e5b178f42118a0
+        uses: docker://aevea/release-notary@sha256:03e771a509881121758b05217a8938ca8379d29dfa69a2605ceca06ffca2db4d
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: GitHub Package Registry
         uses: aevea/action-kaniko@master
         with:
-          registry: docker.pkg.github.com
+          registry: ghcr.io
           password: ${{ secrets.GITHUB_TOKEN }}
           image: kaniko
           cache: true

README.md

@@ -56,6 +56,7 @@ the most used values. So, technically there is a single required argument
 | path                  | Path to the build context. Defaults to `.`                      | false    | .               |
 | tag_with_latest       | Tags the built image with additional latest tag                 | false    |                 |
 | target                | Sets the target stage to build                                  | false    |                 |
+| debug                 | Enables trace for entrypoint.sh                                 | false    |                 |
 
 **Here is where it gets specific, as the optional arguments become required depending on the registry targeted**
 
@@ -83,7 +84,7 @@ with:
   cache_registry: aevea/cache
 ```
 
-### [docker.pkg.github.com](https://github.com/features/packages)
+### [ghcr.io](https://github.com/features/packages)
 
 GitHub's docker registry is a bit special. It doesn't allow top-level images, so this action will prefix any image with the GitHub namespace.
 If you want to push your image like `aevea/action-kaniko/kaniko`, you'll only need to pass `kaniko` to this action.
@@ -93,7 +94,7 @@ passed by default, it will have to be explicitly set up.
 
 ```yaml
 with:
-  registry: docker.pkg.github.com
+  registry: ghcr.io
   password: ${{ secrets.GITHUB_TOKEN }}
   image: kaniko
 ```
@@ -104,7 +105,7 @@ cache layers to that image instead
 
 ```yaml
 with:
-  registry: docker.pkg.github.com
+  registry: ghcr.io
   password: ${{ secrets.GITHUB_TOKEN }}
   image: kaniko
   cache: true
@@ -167,7 +168,7 @@ Example:
 
 ```yaml
 with:
-  registry: docker.pkg.github.com
+  registry: ghcr.io
   password: ${{ secrets.GITHUB_TOKEN }}
   image: kaniko
   strip_tag_prefix: pre-

action.yml

@@ -54,6 +54,9 @@ inputs:
   target:
     description: Sets the target stage to build
     required: false
+  debug:
+    description: Enables trace for entrypoint.sh
+    required: false
 runs:
   using: "docker"
   image: "Dockerfile"

entrypoint.sh

@@ -1,5 +1,8 @@
 #!/busybox/sh
 set -e pipefail
+if [[ "$INPUT_DEBUG" == "true" ]]; then
+    set -o xtrace
+fi
 
 export REGISTRY=${INPUT_REGISTRY:-"docker.io"}
 export IMAGE=${INPUT_IMAGE}
@@ -14,7 +17,7 @@ export IMAGE=$IMAGE:$TAG
 export CONTEXT_PATH=${INPUT_PATH}
 
 if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then
-    export IMAGE_LATEST="$IMAGE:latest"
+    export IMAGE_LATEST="$REPOSITORY:latest"
 fi
 
 function ensure() {
@@ -31,7 +34,7 @@ ensure "${IMAGE}" "image"
 ensure "${TAG}" "tag"
 ensure "${CONTEXT_PATH}" "path"
 
-if [ "$REGISTRY" == "docker.pkg.github.com" ]; then
+if [ "$REGISTRY" == "ghcr.io" ]; then
     IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
     export IMAGE="$IMAGE_NAMESPACE/$IMAGE"
     export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
@@ -91,8 +94,8 @@ EOF
 if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
     export DIGEST=$(cat digest)
 
-    if [ "$REGISTRY" == "docker.pkg.github.com" ]; then
-        wget -q -O manifest --header "Authorization: Basic $(echo -n $USERNAME:$PASSWORD | base64 | tr -d \\n)" https://docker.pkg.github.com/v2/$REPOSITORY/manifests/latest || true
+    if [ "$REGISTRY" == "ghcr.io" ]; then
+        wget -q -O manifest --header "Authorization: Basic $(echo -n $USERNAME:$PASSWORD | base64 | tr -d \\n)" https://ghcr.io/v2/$REPOSITORY/manifests/latest || true
         export REMOTE="sha256:$(cat manifest | sha256sum | awk '{ print $1 }')"
     else
         export REMOTE=$(reg digest -u $USERNAME -p $PASSWORD $REGISTRY/$REPOSITORY | tail -1)