Skip to content

WIP

WIP #85

Workflow file for this run

name: image
on:
push:
branches:
- 2.x
paths-ignore:
- README.md
- charts/**
permissions:
contents: read
id-token: write
packages: write
security-events: write
jobs:
ko:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: backend/go.mod
cache-dependency-path: backend/go.sum
- name: Login
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.CR_PAT }}
- name: Install Cosign
uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2
- uses: oven-sh/setup-bun@a1800f471a0bc25cddac36bb13e6f436ddf341d7 # v1
with:
bun-version: latest
- name: Build frontend
run: |
set -e
make build-frontend
- name: Publish image
id: ko-publish
run: |
set -e
echo "digest=$(make ko-publish)" >> $GITHUB_OUTPUT
- name: Sign image
run: |
set -e
cosign sign --yes \
-a "repo=${{ github.repository }}" \
-a "workflow=${{ github.workflow }}" \
-a "ref=${{ github.sha }}" \
${{ steps.ko-publish.outputs.digest }}