chore: bump version #20
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: releaser | |
| on: | |
| push: | |
| tags: | |
| - 'v*.*.*' | |
| permissions: | |
| contents: read | |
| jobs: | |
| releaser: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: ncipollo/release-action@v1 | |
| with: | |
| generateReleaseNotes: true | |
| - uses: anchore/sbom-action@v0 | |
| build-and-publish-oci: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v2 | |
| - name: Set up Go | |
| uses: actions/setup-go@v2 | |
| with: | |
| go-version: '1.21' | |
| - name: Convert Repository Name to Lowercase | |
| id: lowercase | |
| run: echo "::set-output name=name::$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" | |
| - name: Extract Version | |
| id: tagger | |
| uses: battila7/get-version-action@v2 | |
| - name: Print Version | |
| run: | | |
| echo ${{steps.tagger.outputs.version}} | |
| echo ${{steps.tagger.outputs.version-without-v}} | |
| - name: Install Cosign | |
| uses: sigstore/cosign-installer@v3.1.1 | |
| with: | |
| cosign-release: 'v2.2.2' | |
| - name: Build the OCI Image | |
| run: docker build -t ghcr.io/${{ steps.lowercase.outputs.name }}:${{ steps.tagger.outputs.version-without-v }} . | |
| working-directory: . | |
| - name: Login to GitHub Packages | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Push the OCI Image | |
| run: docker push ghcr.io/${{ steps.lowercase.outputs.name }}:${{ steps.tagger.outputs.version-without-v }} | |
| - name: Sign image with Cosign | |
| run: | | |
| cosign sign --yes --key env://COSIGN_PRIVATE_KEY "ghcr.io/${{ steps.lowercase.outputs.name }}:${{ steps.tagger.outputs.version-without-v }}" | |
| env: | |
| COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} | |
| COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} | |
| helm-publish: | |
| # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions | |
| # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token | |
| permissions: | |
| contents: write | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Configure Git | |
| run: | | |
| git config user.name "$GITHUB_ACTOR" | |
| git config user.email "$GITHUB_ACTOR@users.noreply.github.com" | |
| - name: Install Helm | |
| uses: azure/setup-helm@v3 | |
| - name: Run chart-releaser | |
| uses: helm/chart-releaser-action@v1.6.0 | |
| env: | |
| CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" |