Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-01-27 15:57:04 -05:00
Code Issues Packages Projects Releases Wiki Activity

ci: explicitly add CLI signature as release artifact (#1917)

Browse Source
This commit is contained in:
Malte Poll 2023-06-14 09:56:11 +02:00 committed by GitHub
parent 8910e9bac4
commit ee77e3922a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
.github/workflows/release-cli.yml vendored
View File

@ -16,6 +16,10 @@ on:
description: "Container registry to use" description: "Container registry to use"
type: string type: string
default: ghcr.io default: ghcr.io
key:
description: "Key to use for signing. Set to 'release' to use release key, set to 'dev' to use the dev key."
type: string
required: true
workflow_call: workflow_call:
inputs: inputs:
ref: ref:
@ -31,6 +35,10 @@ on:
description: "Container registry to use" description: "Container registry to use"
type: string type: string
default: ghcr.io default: ghcr.io
key:
description: "Key to use for signing. Set to 'release' to use release key, set to 'dev' to use the dev key."
type: string
required: true
jobs: jobs:
build-cli: build-cli:
@ -58,15 +66,17 @@ jobs:
targetOS: ${{ matrix.os }} targetOS: ${{ matrix.os }}
targetArch: ${{ matrix.arch }} targetArch: ${{ matrix.arch }}
enterpriseCLI: true enterpriseCLI: true
cosignPublicKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }} cosignPublicKey: ${{ inputs.key == 'release' && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }} cosignPrivateKey: ${{ inputs.key == 'release' && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
cosignPassword: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }} cosignPassword: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
- name: Upload CLI as artifact - name: Upload CLI as artifact
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with: with:
name: constellation-${{ matrix.os }}-${{ matrix.arch }} name: constellation-${{ matrix.os }}-${{ matrix.arch }}
path: build/constellation-${{ matrix.os }}-${{ matrix.arch }} path: |
build/constellation-${{ matrix.os }}-${{ matrix.arch }}
build/constellation-${{ matrix.os }}-${{ matrix.arch }}.sig
push-containers: push-containers:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04

1
.github/workflows/release.yml vendored
View File

@ -266,6 +266,7 @@ jobs:
with: with:
ref: "refs/tags/${{ inputs.version }}" ref: "refs/tags/${{ inputs.version }}"
pushContainers: true pushContainers: true
key: 'release'
e2e-tests: e2e-tests:
name: Run E2E tests name: Run E2E tests