Skip to content

fix: added image signing #31

fix: added image signing

fix: added image signing #31

Workflow file for this run

name: Release to Production
on:
push:
branches: [ main ]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PALETTE_VERSION: 4.0.2
PALETTE_CLI_VERSION: 4.0.1
PALETTE_EDGE_VERSION: 3.4.3
PACKER_VERSION: 1.9.4
ORAS_VERSION: 1.0.0
TERRAFORM_VERSION: 1.6.5
jobs:
docker:
name: "Release Docker image"
runs-on: ubuntu-latest
outputs:
VERSION: ${{ steps.get-version.outputs.version }}
steps:
- name: Setup nodeJs
uses: actions/[email protected]
with:
node-version: '18'
- name: Check out code into the Go module directory
uses: actions/checkout@v4
-
name: "Get dependencies"
id: dependencies
run: |
npm ci
npx semantic-release --dry-run
cat VERSION.env
source VERSION.env
echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: Set up QEMU
if: ${{ steps.dependencies.outputs.VERSION != ''}}
uses: docker/setup-qemu-action@v2
- name: "Set up Docker Buildx"
if: ${{ steps.dependencies.outputs.VERSION != ''}}
uses: docker/setup-buildx-action@v2
- name: Login to GHCR
if: ${{ steps.dependencies.outputs.VERSION != ''}}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
if: ${{ steps.dependencies.outputs.VERSION != ''}}
uses: docker/build-push-action@v2
id: build-and-push
with:
context: .
build-args: |
PALETTE_VERSION=${{env.PALETTE_VERSION}}
PALETTE_CLI_VERSION=${{env.PALETTE_CLI_VERSION}}
PALETTE_EDGE_VERSION=${{env.PALETTE_EDGE_VERSION}}
PACKER_VERSION=${{env.PACKER_VERSION}}
ORAS_VERSION=${{env.ORAS_VERSION}}
TERRAFORM_VERSION=${{env.TERRAFORM_VERSION}}
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository }}:${{steps.dependencies.outputs.VERSION}}
- uses: sigstore/[email protected]
- name: Image Signing
run: |

Check failure on line 82 in .github/workflows/release.yaml

View workflow run for this annotation

GitHub Actions / .github/workflows/release.yaml

Invalid workflow file

You have an error in your yaml syntax on line 82
cosign sign --yes \
-a "repo=${{ github.repository }}" \
-a "workflow=${{ github.workflow }}" \
-a "ref=${{ github.sha }}" \
-a "owner=Spectro Cloud" \
--key env://COSIGN_PRIVATE_KEY --recursive "${TAGS}@${DIGEST}"
env:
TAGS: ghcr.io/${{ github.repository }}:${{steps.dependencies.outputs.VERSION}}
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
release:
name: "Release"
needs: [docker]
runs-on: ubuntu-latest
steps:
- id: checkout
name: Checkout Repository
uses: actions/checkout@v3
- name: Setup Nodejs
uses: actions/setup-node@v3
with:
node-version: 18
- name: Install dependencies
run: npm ci
- name: "release"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
npx semantic-release