chore(deps): bump docker/build-push-action from 6.19.2 to 7.0.0

[dependabot]

Bumps docker/build-push-action from 6.19.2 to 7.0.0.

Release notes

Sourced from docker/build-push-action's releases.

v7.0.0

• Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @​crazy-max in docker/build-push-action#1470
• Remove deprecated DOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS envs by @​crazy-max in docker/build-push-action#1473
• Remove legacy export-build tool support for build summary by @​crazy-max in docker/build-push-action#1474
• Switch to ESM and update config/test wiring by @​crazy-max in docker/build-push-action#1466
• Bump @​actions/core from 1.11.1 to 3.0.0 in docker/build-push-action#1454
• Bump @​docker/actions-toolkit from 0.62.1 to 0.79.0 in docker/build-push-action#1453 docker/build-push-action#1472 docker/build-push-action#1479
• Bump minimatch from 3.1.2 to 3.1.5 in docker/build-push-action#1463

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

Commits

• d08e5c3 Merge pull request #1479 from docker/dependabot/npm_and_yarn/docker/actions-t...
• cbd2dff chore: update generated content
• f76f51f chore(deps): Bump @​docker/actions-toolkit from 0.78.0 to 0.79.0
• 7d03e66 Merge pull request #1473 from crazy-max/rm-deprecated-envs
• 98f853d chore: update generated content
• cadccf6 remove deprecated envs
• 03fe877 Merge pull request #1478 from docker/dependabot/github_actions/docker/setup-b...
• 827e366 chore(deps): Bump docker/setup-buildx-action from 3 to 4
• e25db87 Merge pull request #1474 from crazy-max/rm-export-build-tool
• 1ac2573 Merge pull request #1470 from crazy-max/node24
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[greptile-apps]

Greptile Summary

This PR bumps docker/build-push-action from v6.19.2 to v7.0.0 in the Docker Publish workflow. The change is a single-line SHA update with the version comment updated accordingly.

Key points about the v7.0.0 release:

• Node 24 is now the default runtime, requiring Actions Runner v2.327.1 or later. GitHub-hosted runners (ubuntu-latest) receive automatic updates, so this should not be a blocker.
• Deprecated environment variables DOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS were removed — neither is used in this workflow, so there is no breakage.
• Legacy export-build tool support for build summaries was removed — not used here.
• The SHA is correctly pinned to d08e5c354a6adb9ed34480a06d141179aa583294 matching v7.0.0, consistent with the existing security practice in this file.

One minor observation: docker/setup-buildx-action is still pinned to v3 in the workflow. The build-push-action v7 internally bumped its own CI dependency on setup-buildx-action to v4, but this is not a hard consumer requirement — v3 remains compatible with build-push-action v7 and no action is needed here.

Confidence Score: 5/5

• This PR is safe to merge — it is a routine Dependabot dependency bump with no breaking changes affecting the workflow.
• The change is a single-line SHA update for a well-known GitHub Action. The workflow does not use any of the APIs removed in v7.0.0, the SHA is correctly pinned, and GitHub-hosted runners on ubuntu-latest will satisfy the Node 24 / Runner v2.327.1 requirement automatically.
• No files require special attention.

Important Files Changed

Filename	Overview
.github/workflows/docker-publish.yml	Single-line bump of docker/build-push-action from v6.19.2 (SHA 10e90e36) to v7.0.0 (SHA d08e5c35); SHA pinning is preserved and no removed APIs are used by this workflow.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A([Push tag / workflow_dispatch]) --> B[actions/checkout v4]
    B --> C[docker/setup-qemu-action v3]
    C --> D[docker/setup-buildx-action v3]
    D --> E[docker/login-action v3]
    E --> F[docker/metadata-action v5\nGenerate image tags & labels]
    F --> G["docker/build-push-action **v7.0.0**\nBuild linux/amd64 + linux/arm64\nPush to ghcr.io"]
    G --> H[actions/attest-build-provenance v2\nAttest build provenance]
    style G fill:#d4edda,stroke:#28a745

Loading

_{Last reviewed commit: 1da05f5}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!