try to publish sbom with next release
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
0fe94d7dc1
commit
edd03aca2f
@ -30,6 +30,7 @@ steps:
|
||||
- name: build
|
||||
image: goreleaser/goreleaser
|
||||
commands:
|
||||
- curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin v0.64.0
|
||||
- goreleaser build --snapshot
|
||||
when:
|
||||
event:
|
||||
@ -59,6 +60,7 @@ steps:
|
||||
GPG_PRIVATE_KEY_BASE64:
|
||||
from_secret: GPG_PRIVATE_KEY_BASE64
|
||||
commands:
|
||||
- curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin v0.64.0
|
||||
- apk add gpg-agent
|
||||
- gpg-agent --daemon --default-cache-ttl 7200
|
||||
- echo $GPG_PRIVATE_KEY_BASE64 | base64 -d | gpg --import --batch --no-tty
|
||||
|
19
.github/workflows/release.yml
vendored
19
.github/workflows/release.yml
vendored
@ -18,26 +18,25 @@ jobs:
|
||||
goreleaser:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Unshallow
|
||||
- name: Unshallow
|
||||
run: git fetch --prune --unshallow
|
||||
-
|
||||
name: Set up Go
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: 1.18
|
||||
-
|
||||
name: Import GPG key
|
||||
- name: Import GPG key
|
||||
id: import_gpg
|
||||
uses: crazy-max/ghaction-import-gpg@v5.2.0
|
||||
with:
|
||||
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
|
||||
passphrase: ${{ secrets.PASSPHRASE }}
|
||||
-
|
||||
name: Run GoReleaser
|
||||
- name: setup-syft
|
||||
run: |
|
||||
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | \
|
||||
sh -s -- -b /usr/local/bin v0.64.0
|
||||
- name: Run GoReleaser
|
||||
uses: goreleaser/goreleaser-action@v4.1.0
|
||||
with:
|
||||
version: latest
|
||||
|
@ -41,6 +41,8 @@ checksum:
|
||||
name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
|
||||
name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
|
||||
algorithm: sha256
|
||||
sboms:
|
||||
- artifacts: archive
|
||||
signs:
|
||||
- artifacts: checksum
|
||||
args:
|
||||
|
Loading…
Reference in New Issue
Block a user