constellation/.github/workflows/build-joinservice-image.yml
Fabian Kammel 18ae86c38e
sbom signing (#303)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-21 15:19:51 +02:00

45 lines
1.5 KiB
YAML

name: Build and upload join-service image
on:
workflow_dispatch:
push:
branches:
- main
- "release/**"
paths:
- "joinservice/**"
- "internal/atls/**"
- "internal/attestation/**"
- "internal/constants/**"
- "internal/file/**"
- "internal/grpc/**"
- "internal/oid/**"
jobs:
build-join-service:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Check out repository
id: checkout
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
- name: Setup Go environment
uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1
with:
go-version: "1.19.2"
- name: Build and upload join-service container image
id: build-and-upload
uses: ./.github/actions/build_micro_service
with:
name: join-service
projectVersion: "0.0.0"
dockerfile: joinservice/Dockerfile
githubToken: ${{ secrets.GITHUB_TOKEN }}
cosignPublicKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
cosignPassword: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}