mirror of
https://github.com/goreleaser/nfpm
synced 2024-04-28 13:45:14 +02:00
chore(ci): publish sboms
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
This commit is contained in:
Carlos A Becker
parent
78b0a49a99
commit
ebe9ddfb6f
|
|
@ -16,24 +16,16 @@ jobs:
|
|||
os: [ ubuntu-latest, macos-latest, windows-latest ]
|
||||
runs-on: ${{ matrix.os }}
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0
|
||||
-
|
||||
name: Set up Go
|
||||
uses: actions/setup-go@v2
|
||||
- uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: ${{ matrix.go-version }}
|
||||
-
|
||||
name: Set up Task
|
||||
uses: arduino/setup-task@v1
|
||||
- uses: arduino/setup-task@v1
|
||||
with:
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
-
|
||||
name: Cache Go modules
|
||||
uses: actions/cache@v2
|
||||
- uses: actions/cache@v2
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
|
|
@ -41,18 +33,10 @@ jobs:
|
|||
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-go-
|
||||
-
|
||||
name: Setup
|
||||
run: task setup
|
||||
-
|
||||
name: Unit Tests
|
||||
run: task test
|
||||
-
|
||||
name: Diff
|
||||
run: git diff
|
||||
-
|
||||
name: Upload coverage
|
||||
uses: codecov/codecov-action@v2
|
||||
- run: task setup
|
||||
- run: task test
|
||||
- run: git diff
|
||||
- uses: codecov/codecov-action@v2
|
||||
if: matrix.os == 'ubuntu-latest'
|
||||
with:
|
||||
token: ${{ secrets.CODECOV_TOKEN }}
|
||||
|
|
@ -68,24 +52,16 @@ jobs:
|
|||
DOCKER_CLI_EXPERIMENTAL: "enabled"
|
||||
NO_TEST_PPC64LE: "true"
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0
|
||||
-
|
||||
name: Set up Go
|
||||
uses: actions/setup-go@v2
|
||||
- uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: ${{ matrix.go-version }}
|
||||
-
|
||||
name: Set up Task
|
||||
uses: arduino/setup-task@v1
|
||||
- uses: arduino/setup-task@v1
|
||||
with:
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
-
|
||||
name: Cache Go modules
|
||||
uses: actions/cache@v2
|
||||
- uses: actions/cache@v2
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
|
|
@ -93,18 +69,10 @@ jobs:
|
|||
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-go-
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
-
|
||||
name: Setup
|
||||
run: task setup
|
||||
-
|
||||
name: Acceptance
|
||||
run: TEST_PATTERN=/${{ matrix.pkgFormat }}/${{ matrix.pkgPlatform }}/ task acceptance
|
||||
- uses: docker/setup-qemu-action@v1
|
||||
- uses: docker/setup-buildx-action@v1
|
||||
- run: task setup
|
||||
- run: TEST_PATTERN=/${{ matrix.pkgFormat }}/${{ matrix.pkgPlatform }}/ task acceptance
|
||||
goreleaser:
|
||||
strategy:
|
||||
matrix:
|
||||
|
|
@ -119,24 +87,16 @@ jobs:
|
|||
id-token: write
|
||||
packages: write
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0
|
||||
-
|
||||
name: Set up Go
|
||||
uses: actions/setup-go@v2
|
||||
- uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: ${{ matrix.go-version }}
|
||||
-
|
||||
name: Set up Task
|
||||
uses: arduino/setup-task@v1
|
||||
- uses: arduino/setup-task@v1
|
||||
with:
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
-
|
||||
name: Cache Go modules
|
||||
uses: actions/cache@v2
|
||||
- uses: actions/cache@v2
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
|
|
@ -144,39 +104,24 @@ jobs:
|
|||
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-go-
|
||||
-
|
||||
name: Setup Sigstore
|
||||
uses: sigstore/cosign-installer@v1.4.1
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
-
|
||||
name: Setup
|
||||
run: task setup
|
||||
-
|
||||
name: Build
|
||||
run: task build
|
||||
-
|
||||
name: Login to Docker Hub
|
||||
- uses: sigstore/cosign-installer@v1.4.1
|
||||
- uses: anchore/sbom-action/download-syft@v0.6.0
|
||||
- uses: docker/setup-qemu-action@v1
|
||||
- uses: docker/setup-buildx-action@v1
|
||||
- run: task setup
|
||||
- run: task build
|
||||
- uses: docker/login-action@v1
|
||||
if: startsWith(github.ref, 'refs/tags/v')
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
-
|
||||
name: Login to GitHub Container Registry
|
||||
- uses: docker/login-action@v1
|
||||
if: startsWith(github.ref, 'refs/tags/v')
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.repository_owner }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
-
|
||||
name: Run GoReleaser
|
||||
uses: goreleaser/goreleaser-action@v2
|
||||
- uses: goreleaser/goreleaser-action@v2
|
||||
if: success()
|
||||
with:
|
||||
version: latest
|
||||
|
|
|
|||
|
|
@ -142,6 +142,8 @@ nfpms:
|
|||
furies:
|
||||
- account: goreleaser
|
||||
|
||||
sboms:
|
||||
- artifacts: archive
|
||||
signs:
|
||||
- cmd: cosign
|
||||
env:
|
||||
|
|
@ -151,7 +153,6 @@ signs:
|
|||
artifacts: checksum
|
||||
args:
|
||||
- sign-blob
|
||||
- '--oidc-issuer={{if index .Env "CI"}}https://token.actions.githubusercontent.com{{else}}https://oauth2.sigstore.dev/auth{{end}}'
|
||||
- '--output-certificate=${certificate}'
|
||||
- '--output-signature=${signature}'
|
||||
- '${artifact}'
|
||||
|
|
@ -163,7 +164,6 @@ docker_signs:
|
|||
output: true
|
||||
args:
|
||||
- 'sign'
|
||||
- '--oidc-issuer={{if index .Env "CI"}}https://token.actions.githubusercontent.com{{else}}https://oauth2.sigstore.dev/auth{{end}}'
|
||||
- '${artifact}'
|
||||
|
||||
changelog:
|
||||
|
|
|
|||
Loading…
Reference in New Issue