mirror of
https://github.com/ossf/scorecard.git
synced 2024-10-06 05:37:42 +03:00
d77f59f0ef
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 1.2.1 to 2.4.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](f700e6fbba...48866aa521)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
67 lines
2.0 KiB
YAML
67 lines
2.0 KiB
YAML
# Copyright 2021 Security Scorecard Authors
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
name: publishimage
|
|
|
|
permissions: read-all
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
env:
|
|
GO_VERSION: 1.17.7
|
|
|
|
jobs:
|
|
unit-test:
|
|
name: publishimage
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
packages: write
|
|
env:
|
|
COSIGN_EXPERIMENTAL: "true"
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@74b568e8591fbb3115c70f3436a0c6b0909a8504
|
|
with:
|
|
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
|
|
|
- name: Clone the code
|
|
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Setup Go
|
|
uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
- name: install ko
|
|
uses: imjasonh/setup-ko@2c3450ca27f6e6f2b02e72a40f2163c281a1f675
|
|
- name: publishimage
|
|
uses: nick-invision/retry@7f8f3d9f0f62fe5925341be21c2e8314fd4f7c7c
|
|
with:
|
|
max_attempts: 3
|
|
retry_on: error
|
|
timeout_minutes: 30
|
|
command: |
|
|
go env -w GOFLAGS=-mod=mod
|
|
make install
|
|
make scorecard-ko
|
|
- name: Install Cosign
|
|
uses: sigstore/cosign-installer@48866aa521d8bf870604709cd43ec2f602d03ff2
|
|
- name: Sign image
|
|
run: |
|
|
cosign sign ghcr.io/${{github.repository_owner}}/scorecard/v4:${{ github.sha }}
|