workflow #29

Summary
Jobs
- goreleaser
- debug
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/go-release.yml at b3c66e0

	name: Go Release

	on:
	push:
	tags:
	- 'v*'

	permissions: {}

	jobs:
	goreleaser:
	runs-on: ubuntu-latest
	permissions:
	contents: write


	# Expose step outputs as job outputs
	outputs:
	upload-sbom-attestations: ${{ steps.upload-sbom.outputs.attestations }}
	upload-sbom-artifact: ${{ steps.upload-sbom.outputs.artifact }}

	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- uses: actions/setup-go@v5
	with:
	go-version-file: 'go.mod'

	- uses: anchore/sbom-action/download-syft@v0

	- uses: goreleaser/goreleaser-action@v6
	with:
	version: '~> v2'
	args: release --clean --fail-fast --skip=announce,publish
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	# TAP_GITHUB_TOKEN: ${{ secrets.TAP_GITHUB_TOKEN }}

	- id: upload-sbom
	uses: typisttech/tmp-attest-goreleaser-sbom-action@main

	# - uses: actions/attest-build-provenance@v1
	# with:
	# subject-path: \|
	# dist/vipdatasync_*.checksums.txt
	# dist/vipdatasync_*/vipdatasync
	# dist/vipdatasync_*.tar.gz
	# dist/*/.sbom.json

	debug:
	runs-on: ubuntu-latest
	needs: [goreleaser]
	steps:
	- run: echo $XXX
	env:
	XXX: ${{ needs.goreleaser.outputs.upload-sbom-attestations }}

	- run: echo ${{ needs.goreleaser.outputs.upload-sbom-attestations }}

	attest-sbom:
	runs-on: ubuntu-latest
	needs: [goreleaser]
	permissions:
	id-token: write
	attestations: write

	strategy:
	matrix:
	attestation: ${{ needs.goreleaser.outputs.upload-sbom-attestations }}

	steps:
	- uses: actions/download-artifact@v4
	with:
	name: ${{ needs.goreleaser.outputs.upload-sbom-artifact }}

	- uses: actions/attest-sbom@v1
	with:
	subject-path: ${{ matrix.attestation.subject }}
	sbom-path: ${{ matrix.attestation.sbom }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

workflow #29

Workflow file

workflow #29

Jobs

Run details

Workflow file for this run