Skip to content

fix: attest build artefacts #253

fix: attest build artefacts

fix: attest build artefacts #253

Workflow file for this run

name: build
on:
pull_request:
branches:
- main
permissions: {}
jobs:
build-snapshot:
permissions:
contents: read
packages: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
ref: ${{ github.event.pull_request.head.sha }}
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: stable
- run: echo "GOVERSION=$(go version)" >> "$GITHUB_ENV"
- uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
id: goreleaser
with:
version: latest
args: build --clean --debug --single-target --snapshot
- name: Login to GHCR
if: github.actor != 'dependabot[bot]'
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Get Docker metadata
if: github.actor != 'dependabot[bot]'
id: docker_metadata
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ghcr.io/${{ github.repository }}
- run: echo "GITHUB_REPOSITORY_NAME=$(basename ${{ github.repository }})" >> "$GITHUB_ENV"
- name: Build and push container image
if: github.actor != 'dependabot[bot]'
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
with:
push: true
tags: ${{ steps.docker_metadata.outputs.tags }}
labels: ${{ steps.docker_metadata.outputs.labels }}
file: Dockerfile
build-args: BINARY=lagoon-opensearch-sync
context: dist/lagoon-opensearch-sync_linux_amd64_v1
check-tag:
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
fetch-depth: 0
- id: ccv
uses: smlx/ccv@c5f6769c943c082c4e8d8ccf2ec4b6f5f517e1f2 # v0.7.3
with:
write-tag: false
- run: |
echo "new-tag=$NEW_TAG"
echo "new-tag-version=$NEW_TAG_VERSION"
env:
NEW_TAG: ${{steps.ccv.outputs.new-tag}}
NEW_TAG_VERSION: ${{steps.ccv.outputs.new-tag-version}}