SLSA Releaser #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: SLSA Releaser | ||
on: | ||
workflow_dispatch: | ||
permissions: | ||
contents: read | ||
jobs: | ||
args: | ||
runs-on: ubuntu-latest | ||
outputs: | ||
build-time: ${{ steps.ldflags.outputs.build-time }} | ||
commit-id: ${{ steps.ldflags.outputs.commit-id }} | ||
version: ${{ steps.ldflags.outputs.version }} | ||
branch-name: ${{ steps.ldflags.outputs.branch-name }} | ||
steps: | ||
- id: checkout | ||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | ||
with: | ||
fetch-depth: 0 | ||
- id: setupgo | ||
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.4.0 | ||
with: | ||
go-version: 1.17 | ||
- id: ldflags | ||
run: | | ||
echo "build-time=$(date +%Y%m%d%H%M)" >> "$GITHUB_OUTPUT" | ||
echo "commit-id=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT" | ||
echo "version=$(git describe --abbrev=0 --tags)" >> "$GITHUB_OUTPUT" | ||
echo "branch-name=$(git rev-parse --abbrev-ref HEAD)" >> "$GITHUB_OUTPUT" | ||
echo "abc-ext" > file.file | ||
# Trusted builders | ||
authtool-linux-amd64: | ||
permissions: | ||
id-token: write | ||
contents: write | ||
actions: read | ||
needs: args | ||
uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@07e64b653f10a80b6510f4568f685f8b7b9ea830 | ||
with: | ||
config-file: .github/slsa/slsa-authtool-linux-amd64.yml | ||
go-version: 1.17 | ||
evaluated-envs: "BUILD_TIME:${{needs.args.outputs.build-time}}, COMMIT_ID:${{needs.args.outputs.commit-id}}, VERSION:${{needs.args.outputs.version}}, BRANCH_NAME:${{needs.args.outputs.branch-name}}" | ||
compile-builder: true | ||
# Trusted builders | ||
show-abc-ext: | ||
permissions: | ||
id-token: write | ||
contents: write | ||
actions: read | ||
needs: args | ||
steps: | ||
- id: ldflags | ||
run: | | ||
go version | ||
cat file.file | ||
# bcache-linux-amd64: | ||
# permissions: | ||
# id-token: write | ||
# contents: write | ||
# actions: read | ||
# needs: args | ||
# uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@07e64b653f10a80b6510f4568f685f8b7b9ea830 | ||
# with: | ||
# config-file: .github/slsa/slsa-bcache-linux-amd64.yml | ||
# go-version: 1.17 | ||
# evaluated-envs: "BUILD_TIME:${{needs.args.outputs.build-time}}, COMMIT_ID:${{needs.args.outputs.commit-id}}, VERSION:${{needs.args.outputs.version}}, BRANCH_NAME:${{needs.args.outputs.branch-name}}" | ||
# compile-builder: true | ||
# client-linux-amd64: | ||
# permissions: | ||
# id-token: write | ||
# contents: write | ||
# actions: read | ||
# needs: args | ||
# uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@07e64b653f10a80b6510f4568f685f8b7b9ea830 | ||
# with: | ||
# config-file: .github/slsa/slsa-client-linux-amd64.yml | ||
# go-version: 1.17 | ||
# evaluated-envs: "BUILD_TIME:${{needs.args.outputs.build-time}}, COMMIT_ID:${{needs.args.outputs.commit-id}}, VERSION:${{needs.args.outputs.version}}, BRANCH_NAME:${{needs.args.outputs.branch-name}}" | ||
# compile-builder: true | ||
# fdstore-linux-amd64: | ||
# permissions: | ||
# id-token: write | ||
# contents: write | ||
# actions: read | ||
# needs: args | ||
# uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@07e64b653f10a80b6510f4568f685f8b7b9ea830 | ||
# with: | ||
# config-file: .github/slsa/slsa-fdstore-linux-amd64.yml | ||
# go-version: 1.17 | ||
# evaluated-envs: "BUILD_TIME:${{needs.args.outputs.build-time}}, COMMIT_ID:${{needs.args.outputs.commit-id}}, VERSION:${{needs.args.outputs.version}}, BRANCH_NAME:${{needs.args.outputs.branch-name}}" | ||
# compile-builder: true | ||
# fsck-linux-amd64: | ||
# permissions: | ||
# id-token: write | ||
# contents: write | ||
# actions: read | ||
# needs: args | ||
# uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@07e64b653f10a80b6510f4568f685f8b7b9ea830 | ||
# with: | ||
# config-file: .github/slsa/slsa-fsck-linux-amd64.yml | ||
# go-version: 1.17 | ||
# evaluated-envs: "BUILD_TIME:${{needs.args.outputs.build-time}}, COMMIT_ID:${{needs.args.outputs.commit-id}}, VERSION:${{needs.args.outputs.version}}, BRANCH_NAME:${{needs.args.outputs.branch-name}}" | ||
# compile-builder: true | ||
# preload-linux-amd64: | ||
# permissions: | ||
# id-token: write | ||
# contents: write | ||
# actions: read | ||
# needs: args | ||
# uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@07e64b653f10a80b6510f4568f685f8b7b9ea830 | ||
# with: | ||
# config-file: .github/slsa/slsa-preload-linux-amd64.yml | ||
# go-version: 1.17 | ||
# evaluated-envs: "BUILD_TIME:${{needs.args.outputs.build-time}}, COMMIT_ID:${{needs.args.outputs.commit-id}}, VERSION:${{needs.args.outputs.version}}, BRANCH_NAME:${{needs.args.outputs.branch-name}}" | ||
# compile-builder: true |