Skip to content

Commit

Permalink
Merge pull request #493 from fluxcd/update-release-workflow
Browse files Browse the repository at this point in the history
build: update release workflow
  • Loading branch information
hiddeco authored Mar 8, 2023
2 parents 1f3bbae + 53d2778 commit 405ad76
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 9 deletions.
4 changes: 1 addition & 3 deletions .github/workflows/nightly.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,15 +17,13 @@ jobs:
- uses: actions/checkout@v3
- name: Setup QEMU
uses: docker/setup-qemu-action@v2
with:
platforms: all
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
with:
buildkitd-flags: "--debug"
- name: Build multi-arch container image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
push: false
builder: ${{ steps.buildx.outputs.name }}
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ jobs:
tags: |
type=raw,value=${{ steps.prep.outputs.VERSION }}
- name: Publish images
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
sbom: true
provenance: true
Expand All @@ -77,13 +77,13 @@ jobs:
docker buildx imagetools inspect ghcr.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }}
docker pull docker.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }}
docker pull ghcr.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }}
- uses: sigstore/cosign-installer@main
- uses: sigstore/cosign-installer@v3
- name: Sign images
env:
COSIGN_EXPERIMENTAL: 1
run: |
cosign sign fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }}
cosign sign ghcr.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }}
cosign sign --yes fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }}
cosign sign --yes ghcr.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }}
- name: Generate release artifacts
if: startsWith(github.ref, 'refs/tags/v')
run: |
Expand All @@ -94,7 +94,7 @@ jobs:
- uses: anchore/sbom-action/download-syft@v0
- name: Create release and SBOM
if: startsWith(github.ref, 'refs/tags/v')
uses: goreleaser/goreleaser-action@v3
uses: goreleaser/goreleaser-action@v4
with:
version: latest
args: release --release-notes=config/release/notes.md --rm-dist --skip-validate
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
steps:
- uses: actions/checkout@v3
- name: Run FOSSA scan and upload build data
uses: fossa-contrib/fossa-action@v1
uses: fossa-contrib/fossa-action@v2
with:
# FOSSA Push-Only API Token
fossa-api-key: 5ee8bf422db1471e0bcf2bcb289185de
Expand Down

0 comments on commit 405ad76

Please sign in to comment.