Push without building?

[testersen]

I have two separate jobs for building and publishing a container image:

The Boot Image job creates the image, exports it to a tar and uploads it to the job artifacts, I have some jobs that need to run inbetween the build and publishing jobs, such as scanning the image for vulnerabilities, creating a Software Bill Of Materials from the image, and creating an attestation on the generated SBOM, etc.

On the publishing job I used to just push the image using docker push, which worked perfectly. But I have some jobs I need to run after the image is published which also needs to consume the published container image digest, in which scenario build-push-action would work amazingly because that digest is captured and exported through the step outputs.

I thought I could just download the artifact, docker load -i the tar file and build-push-action to push the image our internal registry, however, it was not as easy as I expected. I continue to receive failed to read dockerfile: open Dockerfile: no such file or directory. Is there a way to use docker/build-push-action to only push and not build the image?

Here is my publishing workflow steps:

# Download the image artifact
- name: Download Image Artifact
  uses: actions/download-artifact@v4
  with:
    name: ${{ inputs.image-artifact-name }}

# Load the image artifact
- name: Load Image Artifact
  run: docker load -i ${{ inputs.image-artifact-name }}

# hidden: sign into the container registry

# Extract the image metadata
- name: Extract metadata
  id: meta
  uses: docker/metadata-action@v5
  with:
    images: ${{ inputs.image-name }}

# Push the image
- name: Push Image
  uses: docker/build-push-action@v6
  id: push
  with:
    push: true
    tags: ${{ steps.meta.outputs.tags }}
    annotations: ${{ steps.meta.outputs.annotations }}
    labels: ${{ steps.meta.outputs.labels }}