ci: handle provenance for built artifacts
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
parent
f4a3149a2f
commit
f09bf31f3e
1 changed files with 14 additions and 3 deletions
17
.github/workflows/build.yml
vendored
17
.github/workflows/build.yml
vendored
|
@ -102,7 +102,6 @@ jobs:
|
||||||
with:
|
with:
|
||||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||||
|
|
||||||
-
|
-
|
||||||
name: Log in to GitHub Container registry
|
name: Log in to GitHub Container registry
|
||||||
if: github.event_name != 'pull_request'
|
if: github.event_name != 'pull_request'
|
||||||
|
@ -111,16 +110,27 @@ jobs:
|
||||||
registry: ghcr.io
|
registry: ghcr.io
|
||||||
username: ${{ github.actor }}
|
username: ${{ github.actor }}
|
||||||
password: ${{ secrets.GITHUB_TOKEN }}
|
password: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
-
|
-
|
||||||
name: Build artifacts
|
name: Build artifacts
|
||||||
uses: docker/bake-action@v4
|
uses: docker/bake-action@v4
|
||||||
with:
|
with:
|
||||||
targets: artifact-all
|
targets: artifact-all
|
||||||
-
|
-
|
||||||
name: Move artifacts
|
name: Rename provenance
|
||||||
|
run: |
|
||||||
|
for pdir in ./bin/*/; do
|
||||||
|
(
|
||||||
|
cd "$pdir"
|
||||||
|
binname=$(find . -name '*.tar.gz')
|
||||||
|
filename=$(basename "${binname%.tar.gz}")
|
||||||
|
mv "provenance.json" "${filename}.provenance.json"
|
||||||
|
)
|
||||||
|
done
|
||||||
|
-
|
||||||
|
name: Move and list artifacts
|
||||||
run: |
|
run: |
|
||||||
mv ./bin/**/* ./bin/
|
mv ./bin/**/* ./bin/
|
||||||
|
tree -nh ./bin
|
||||||
-
|
-
|
||||||
name: Upload artifacts
|
name: Upload artifacts
|
||||||
uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v3
|
||||||
|
@ -145,6 +155,7 @@ jobs:
|
||||||
draft: true
|
draft: true
|
||||||
files: |
|
files: |
|
||||||
bin/*.tar.gz
|
bin/*.tar.gz
|
||||||
|
bin/*.provenance.json
|
||||||
bin/*.sha256
|
bin/*.sha256
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
Loading…
Reference in a new issue