try verison step #6
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - '*' | |
| permissions: | |
| contents: write # needed to write releases | |
| id-token: write # needed for keyless signing | |
| packages: write # needed for ghcr access | |
| attestations: write # needed for provenance | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Run tests | |
| run: go test -v ./... | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set Versions | |
| uses: actions/github-script@v4 | |
| id: set_version | |
| with: | |
| script: | | |
| const tag = context.ref.substring(10) | |
| const no_v = tag.replace('v', '') | |
| const dash_index = no_v.lastIndexOf('-') | |
| const no_dash = (dash_index > -1) ? no_v.substring(0, dash_index) : no_v | |
| core.setOutput('tag', tag) | |
| core.setOutput('no-v', no_v) | |
| core.setOutput('no-dash', no_dash) | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| - name: Import GPG key | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| with: | |
| gpg_private_key: ${{ secrets.GPG_SIGNING_KEY }} | |
| passphrase: ${{ secrets.PASSPHRASE }} | |
| git_user_signingkey: true | |
| git_commit_gpgsign: true | |
| - uses: sigstore/cosign-installer@v3.8.0 # installs cosign | |
| - uses: anchore/sbom-action/download-syft@v0.18.0 # installs syft | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@v6 | |
| with: | |
| version: '~> v2' | |
| args: release --clean | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} | |
| - uses: actions/attest-build-provenance@v2 | |
| with: | |
| subject-checksums: "dist/gce_metadata_server_${{steps.set_version.outputs.no-dash}}_checksums.txt" |