mirror of
https://github.com/Belphemur/CBZOptimizer.git
synced 2025-10-13 20:18:52 +02:00
56 lines
1.7 KiB
YAML
56 lines
1.7 KiB
YAML
#
|
|
# Releaser workflow setup
|
|
# https://goreleaser.com/ci/actions/
|
|
#
|
|
name: release
|
|
|
|
# run only on tags
|
|
on:
|
|
push:
|
|
tags:
|
|
- "v*"
|
|
|
|
permissions:
|
|
contents: write # needed to write releases
|
|
id-token: write # needed for keyless signing
|
|
packages: write # needed for ghcr access
|
|
attestations: write # needed for attestations
|
|
|
|
jobs:
|
|
release:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
with:
|
|
fetch-depth: 0 # this is important, otherwise it won't checkout the full tree (i.e. no previous tags)
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v6
|
|
with:
|
|
go-version-file: go.mod
|
|
cache: true
|
|
- uses: sigstore/cosign-installer@v3.9.2 # installs cosign
|
|
- uses: anchore/sbom-action/download-syft@v0.20.5 # installs syft
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
- uses: docker/login-action@v3 # login to ghcr
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- uses: goreleaser/goreleaser-action@v6 # run goreleaser
|
|
with:
|
|
version: nightly
|
|
args: release --clean --verbose
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
# After GoReleaser runs, attest all the files in ./dist/checksums.txt:
|
|
- uses: actions/attest-build-provenance@v3
|
|
with:
|
|
subject-checksums: ./dist/checksums.txt
|
|
# After GoReleaser runs, attest all the images in ./dist/digests.txt:
|
|
- uses: actions/attest-build-provenance@v3
|
|
with:
|
|
subject-checksums: ./dist/digests.txt
|