build.yml

Documentation: github.com/sigstore/rekor/.github/workflows

     1#
     2# Copyright 2021 The Sigstore Authors.
     3#
     4# Licensed under the Apache License, Version 2.0 (the "License");
     5# you may not use this file except in compliance with the License.
     6# You may obtain a copy of the License at
     7#
     8#     http://www.apache.org/licenses/LICENSE-2.0
     9#
    10# Unless required by applicable law or agreed to in writing, software
    11# distributed under the License is distributed on an "AS IS" BASIS,
    12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13# See the License for the specific language governing permissions and
    14# limitations under the License.
    15
    16name: CI-Container-Build
    17
    18on:
    19  workflow_dispatch:
    20  push:
    21    branches:
    22      - main
    23      - 'release-**'
    24    tags:
    25      - '*'
    26
    27jobs:
    28  build:
    29    name: build
    30    runs-on: ubuntu-latest
    31
    32    permissions:
    33      id-token: write
    34      contents: read
    35
    36    steps:
    37      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
    38      - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
    39
    40      - name: Extract version of Go to use
    41        run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV
    42
    43      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
    44        with:
    45          go-version: ${{ env.GOVERSION }}
    46
    47      - name: deps
    48        run: sudo apt-get update && sudo apt-get install -yq libpcsclite-dev
    49
    50      - uses: ko-build/setup-ko@ace48d793556083a76f1e3e6068850c1f4a369aa # v0.6
    51
    52      - name: Set up Cloud SDK
    53        uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # v2.1.2
    54        with:
    55          workload_identity_provider: 'projects/498091336538/locations/global/workloadIdentityPools/githubactions/providers/sigstore-rekor'
    56          service_account: 'github-actions-rekor@projectsigstore.iam.gserviceaccount.com'
    57
    58      - name: creds
    59        run: gcloud auth configure-docker --quiet
    60
    61      - name: container
    62        run: KO_PREFIX=gcr.io/projectsigstore/rekor/ci/rekor make sign-keyless-ci
    63        env:
    64          COSIGN_YES: true
View as plain text