Skip to content

build(deps): bump actions/attest-build-provenance from 1.4.2 to 1.4.3… #57

build(deps): bump actions/attest-build-provenance from 1.4.2 to 1.4.3…

build(deps): bump actions/attest-build-provenance from 1.4.2 to 1.4.3… #57

Workflow file for this run

---
name: snapshot
on:
push:
branches:
- "main"
workflow_dispatch:
inputs:
dry_run:
description: If set, run a dry-run snapshot
default: false
type: boolean
permissions:
contents: read
jobs:
validate:
runs-on: ubuntu-latest
outputs:
is-snapshot: ${{ steps.validate.outputs.is-snapshot }}
steps:
- uses: actions/checkout@v4
- name: Validate version is a snapshot version
id: validate
run: |
output=false
if [[ "$(./mvnw -q help:evaluate -Dexpression=project.version -DforceStdout)" =~ "-SNAPSHOT" ]]; then
echo "This is a snapshot version"
output=true
fi
echo "is-snapshot=$output" >> "$GITHUB_OUTPUT"
deploy:
name: Deploy
runs-on: ubuntu-latest
needs: validate
if: ${{ contains(needs.validate.outputs.is-snapshot, 'true') }}
permissions:
attestations: write
contents: write
id-token: write
env:
TARBALL_FILE: artifacts.tar
steps:
- id: buildkite-run
name: Run Deploy
uses: elastic/oblt-actions/buildkite/[email protected]
with:
pipeline: ecs-logging-java-snapshot
token: ${{ secrets.BUILDKITE_TOKEN }}
wait-for: true
env-vars: |
dry_run=${{ inputs.dry_run || 'false' }}
TARBALL_FILE=${{ env.TARBALL_FILE }}
- uses: elastic/oblt-actions/buildkite/[email protected]
with:
build-number: ${{ steps.buildkite-run.outputs.number }}
path: ${{ env.TARBALL_FILE }}
pipeline: ${{ steps.buildkite-run.outputs.pipeline }}
token: ${{ secrets.BUILDKITE_TOKEN }}
- name: untar the buildkite tarball
run: tar xvf ${{ env.TARBALL_FILE }}
- name: generate build provenance
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3
with:
subject-path: "${{ github.workspace }}/**/target/*.jar"
- if: ${{ failure() }}
uses: elastic/oblt-actions/slack/[email protected]
with:
bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
channel-id: "#apm-agent-java"
message: |
:ghost: [${{ github.repository }}] Snapshot *${{ github.ref_name }}* didn't get triggered in Buildkite.
Build: (<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>)