1name: Cut Release
2
3on:
4 workflow_dispatch:
5 inputs:
6 release_tag:
7 required: true
8 type: string
9 description: 'Release tag'
10 key_ring:
11 required: true
12 type: string
13 description: 'Key ring for cosign key'
14 key_name:
15 required: true
16 type: string
17 description: 'Key name for cosign key'
18
19concurrency: cut-release
20
21jobs:
22 cut-release:
23 name: Cut release
24 uses: sigstore/sigstore/.github/workflows/reusable-release.yml@main
25 permissions:
26 id-token: write
27 contents: read
28 with:
29 release_tag: ${{ github.event.inputs.release_tag }}
30 key_ring: ${{ github.event.inputs.key_ring }}
31 key_name: ${{ github.event.inputs.key_name }}
32 workload_identity_provider: 'projects/498091336538/locations/global/workloadIdentityPools/githubactions/providers/sigstore-cosign'
33 service_account: 'github-actions-cosign@projectsigstore.iam.gserviceaccount.com'
34 repo: 'cosign'
View as plain text