@@ -17,18 +17,11 @@ jobs:
1717 - name : Install Cosign
18181919
20- - name : Install Chainloop
21- run : |
22- curl -sfL https://docs.chainloop.dev/install.sh | bash -s -- --version v${{ env.CHAINLOOP_VERSION }}
23-
2420 - name : Checkout
2521 uses : actions/checkout@v3
2622 with :
2723 fetch-depth : 0
2824
29- - name : Initialize Attestation
30- run : chainloop attestation init # --contract-revision 2
31-
3225 - name : Set up Go
3326 uses : actions/setup-go@v3
3427 with :
6154 output-file : /tmp/sbom.cyclonedx.json
6255 env :
6356 IMAGE : ghcr.io/chainloop-dev/integration-demo:${{ github.ref_name }}
64-
65- - name : Add Container Image Artifact
66- run : chainloop attestation add --name image --value ghcr.io/chainloop-dev/integration-demo:${{ github.ref_name }}
67-
68- - name : Add SBOM Artifact
69- run : chainloop attestation add --name sbom --value /tmp/sbom.cyclonedx.json
70-
71- - name : Add Binary Artifact
72- run : |
73- BINARY_PATH="$(echo -n '${{ steps.release.outputs.metadata }}' | jq -r '"dist/" + .project_name + "_" + .version + "_" + .runtime.goos + "_" + .runtime.goarch + ".tar.gz"')"
74-
75- chainloop attestation add --name binary --value ${BINARY_PATH}
76-
77- name : Finish and Record Attestation
78- if : ${{ success() }}
79- run : |
80- chainloop attestation status --full
81- chainloop attestation push --key env://CHAINLOOP_SIGNING_KEY
82- env :
83- CHAINLOOP_SIGNING_KEY : ${{ secrets.COSIGN_PRIVATE_KEY }}
84- CHAINLOOP_SIGNING_PASSWORD : ${{ secrets.COSIGN_PASSWORD }}
85-
86- - name : Mark attestation as failed
87- if : ${{ failure() }}
88- run : |
89- chainloop attestation reset
90-
91- name : Mark attestation as cancelled
92- if : ${{ cancelled() }}
93- run : |
94- chainloop attestation reset --trigger cancellation
95- env :
96- CHAINLOOP_VERSION : 0.8.95
97- CHAINLOOP_ROBOT_ACCOUNT : ${{ secrets.CHAINLOOP_ROBOT_ACCOUNT }}
0 commit comments