more slsa (#443) #27
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ECM Distro Tools Release | |
on: | |
push: | |
tags: | |
- "v*" | |
jobs: | |
release: | |
permissions: | |
contents: write | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Build ECM Distro Tools | |
run: | | |
export VERSION=${GITHUB_REF_NAME} | |
make test | |
make package-binaries | |
- name: Publish Binaries | |
uses: SierraSoftworks/[email protected] | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
overwrite: "true" | |
files: | | |
${{ github.workspace }}/bin/bootstrap_hash | |
${{ github.workspace }}/bin/check_for_k8s_release | |
${{ github.workspace }}/bin/cut_k3s_release_issue | |
${{ github.workspace }}/bin/cut_rke2_release_issue | |
${{ github.workspace }}/bin/delete_release_assets | |
${{ github.workspace }}/bin/rancher_image_scan | |
${{ github.workspace }}/bin/tag_image_build_k8s_release | |
${{ github.workspace }}/bin/tag_rke2_packaging_release | |
${{ github.workspace }}/bin/tag_rke2_release | |
${{ github.workspace }}/bin/update_go | |
${{ github.workspace }}/bin/utility_index | |
${{ github.workspace }}/bin/verify_rke2_charts | |
${{ github.workspace }}/bin/weekly_report | |
${{ github.workspace }}/cmd/backport/bin/backport-darwin-amd64 | |
${{ github.workspace }}/cmd/backport/bin/backport-darwin-arm64 | |
${{ github.workspace }}/cmd/backport/bin/backport-linux-amd64 | |
${{ github.workspace }}/cmd/backport/bin/backport-linux-arm64 | |
${{ github.workspace }}/cmd/backport/bin/sha256sums-backport.txt | |
${{ github.workspace }}/cmd/release/bin/release-darwin-amd64 | |
${{ github.workspace }}/cmd/release/bin/release-darwin-arm64 | |
${{ github.workspace }}/cmd/release/bin/release-linux-amd64 | |
${{ github.workspace }}/cmd/release/bin/release-linux-arm64 | |
${{ github.workspace }}/cmd/release/bin/sha256sums-release.txt | |
${{ github.workspace }}/cmd/gen_release_report/bin/gen_release_report-darwin-amd64 | |
${{ github.workspace }}/cmd/gen_release_report/bin/gen_release_report-darwin-arm64 | |
${{ github.workspace }}/cmd/gen_release_report/bin/gen_release_report-linux-amd64 | |
${{ github.workspace }}/cmd/gen_release_report/bin/gen_release_report-linux-arm64 | |
${{ github.workspace }}/cmd/gen_release_report/bin/sha256sums-gen_release_report.txt | |
${{ github.workspace }}/cmd/rancher_release/bin/rancher_release-darwin-amd64 | |
${{ github.workspace }}/cmd/rancher_release/bin/rancher_release-darwin-arm64 | |
${{ github.workspace }}/cmd/rancher_release/bin/rancher_release-linux-amd64 | |
${{ github.workspace }}/cmd/rancher_release/bin/rancher_release-linux-arm64 | |
${{ github.workspace }}/cmd/rancher_release/bin/sha256sums-rancher_release.txt | |
${{ github.workspace }}/cmd/rke2_release/bin/rke2_release-darwin-amd64 | |
${{ github.workspace }}/cmd/rke2_release/bin/rke2_release-darwin-arm64 | |
${{ github.workspace }}/cmd/rke2_release/bin/rke2_release-linux-amd64 | |
${{ github.workspace }}/cmd/rke2_release/bin/rke2_release-linux-arm64 | |
${{ github.workspace }}/cmd/rke2_release/bin/sha256sums-rke2_release.txt | |
${{ github.workspace }}/cmd/semv/bin/semv-darwin-amd64 | |
${{ github.workspace }}/cmd/semv/bin/semv-darwin-arm64 | |
${{ github.workspace }}/cmd/semv/bin/semv-linux-amd64 | |
${{ github.workspace }}/cmd/semv/bin/semv-linux-arm64 | |
${{ github.workspace }}/cmd/semv/bin/sha256sums-semv.txt | |
${{ github.workspace }}/cmd/test_coverage/bin/test_coverage-darwin-amd64 | |
${{ github.workspace }}/cmd/test_coverage/bin/test_coverage-darwin-arm64 | |
${{ github.workspace }}/cmd/test_coverage/bin/test_coverage-linux-amd64 | |
${{ github.workspace }}/cmd/test_coverage/bin/test_coverage-linux-arm64 | |
${{ github.workspace }}/cmd/test_coverage/bin/sha256sums-test_coverage.txt | |
${{ github.workspace }}/cmd/upstream_go_version/bin/upstream_go_version-darwin-amd64 | |
${{ github.workspace }}/cmd/upstream_go_version/bin/upstream_go_version-darwin-arm64 | |
${{ github.workspace }}/cmd/upstream_go_version/bin/upstream_go_version-linux-amd64 | |
${{ github.workspace }}/cmd/upstream_go_version/bin/upstream_go_version-linux-arm64 | |
${{ github.workspace }}/cmd/upstream_go_version/bin/sha256sums-upstream_go_version.txt | |
${{ github.workspace }}/ecm-distro-tools.darwin-amd64.tar.gz | |
${{ github.workspace }}/ecm-distro-tools.darwin-arm64.tar.gz | |
${{ github.workspace }}/ecm-distro-tools.linux-amd64.tar.gz | |
${{ github.workspace }}/ecm-distro-tools.linux-arm64.tar.gz | |
- name: Docker Hub Login | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Setup QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Setup Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Install Cosign | |
uses: sigstore/[email protected] | |
- name: Build and push | |
run: make build-image | |
env: | |
ACTION: push | |
TAG: ${{ github.ref_name }} | |
- name: Build and push Prime images | |
run: | | |
IID_FILE=$(mktemp) | |
IID_FILE_FLAG="--iidfile ${IID_FILE}" make build-image | |
cosign sign --oidc-provider=github-actions --yes "${IMAGE_NO_TAG}@$(head -n 1 ${IID_FILE})" | |
TAG="${TAG}-amd64" IID_FILE_FLAG="--iidfile ${IID_FILE}" make build-image | |
env: | |
TAG: ${{ github.ref_name }} | |
REPO: rancher/ecm-distro-tools | |
IMAGE_NO_TAG: rancher/ecm-distro-tools |