x/pastebin
1
0
Fork 0
mirror of https://github.com/skidoodle/pastebin synced 2026-04-28 03:07:40 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d0923ef4ed81bfbe5de0d37fa4405834dd8e0d8b
pastebin/.github/workflows/go-ossf-slsa3-publish.yml
T
x 264669c681 fix goreleaser
2026-04-21 06:50:14 +02:00

65 lines
1.5 KiB
YAML
Raw Blame History

name: SLSA Release
on:
release:
types: [created]
permissions:
contents: write
packages: write
id-token: write
jobs:
build:
outputs:
hashes: ${{ steps.hash.outputs.hashes }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.26.2'
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v6
id: run-goreleaser
with:
distribution: goreleaser
version: latest
args: release --clean --config .slsa-goreleaser.yaml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Generate hashes
id: hash
run: |
cd dist
echo "hashes=$(sha256sum * | base64 -w0)" >> "$GITHUB_OUTPUT"
provenance:
needs: [build]
permissions:
actions: read
id-token: write
contents: write
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
with:
base64-subjects: "${{ needs.build.outputs.hashes }}"
upload-assets: true
Reference in New Issue View Git Blame Copy Permalink