constellation/.github/workflows/build-verification-service.yml
2023-04-06 16:36:07 +02:00

43 lines
1.6 KiB
YAML

name: Build and upload verification-service image
on:
workflow_dispatch:
push:
branches:
- main
- "release/**"
paths:
- "verify/**"
- "internal/**"
- "!internal/versions/versions.go" # Don't build on version bumps to avoid infinite loops
- ".github/workflows/build-verification-service.yml"
jobs:
build-verification-service:
runs-on: ubuntu-22.04
permissions:
contents: read
packages: write
steps:
- name: Check out repository
id: checkout
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
with:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
- name: Setup Go environment
uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
with:
go-version: "1.20.3"
- name: Build and upload verification-service container image
id: build-and-upload
uses: ./.github/actions/build_micro_service_ko
with:
name: verification-service
koTarget: ./verify/cmd
githubToken: ${{ secrets.GITHUB_TOKEN }}
cosignPublicKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
cosignPassword: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}