chore(deps): update golang:1.21-alpine3.19 docker digest to b3aea8d (… #32

Workflow file for this run

.github/workflows/goreleaser.yml at 645d5b0

	name: Release new version

	on:
	push:
	tags:
	- "*" # triggers only if push new tag version, like `v0.8.4`

	# Restrict jobs in this workflow to have no permissions by default; permissions
	# should be granted per job as needed using a dedicated `permissions` block
	permissions: {}

	jobs:
	goreleaser:
	outputs:
	hashes: ${{ steps.hash.outputs.hashes }}
	permissions:
	contents: write # for goreleaser/goreleaser-action to create a GitHub release
	packages: write # for goreleaser/goreleaser-action to publish docker images
	runs-on: ubuntu-latest
	env:
	# Required for buildx on docker 19.x
	DOCKER_CLI_EXPERIMENTAL: "enabled"
	steps:
	- name: Checkout
	uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
	with:
	fetch-depth: 0
	ref: ${{ inputs.commit }}
	- name: Set up Go
	uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
	with:
	go-version-file: .go-version
	check-latest: true
	- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
	- uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
	- name: ghcr-login
	uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Run GoReleaser
	id: run-goreleaser
	uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0
	with:
	version: latest
	args: release --rm-dist
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Generate subject
	id: hash
	env:
	ARTIFACTS: "${{ steps.run-goreleaser.outputs.artifacts }}"
	run: \|
	set -euo pipefail
	checksum_file=$(echo "$ARTIFACTS" \| jq -r '.[] \| select (.type=="Checksum") \| .path')
	echo "hashes=$(cat $checksum_file \| base64 -w0)" >> "$GITHUB_OUTPUT"
	provenance:
	needs: [goreleaser]
	permissions:
	actions: read # To read the workflow path.
	id-token: write # To sign the provenance.
	contents: write # To add assets to a release.
	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
	with:
	base64-subjects: "${{ needs.goreleaser.outputs.hashes }}"
	upload-assets: true # upload to a new release
	draft-release: true # upload to a new draft release

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update golang:1.21-alpine3.19 docker digest to b3aea8d (… #32

Workflow file

chore(deps): update golang:1.21-alpine3.19 docker digest to b3aea8d (… #32

Jobs

Run details

Workflow file for this run