constellation/.github/workflows/build-access-manager-image.yml
Fabian Kammel 18ae86c38e
sbom signing (#303)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-21 15:19:51 +02:00

43 lines
1.4 KiB
YAML

name: Build and upload access-manager image
env:
REGISTRY: ghcr.io
IMAGE_NAME: access-manager
on:
workflow_dispatch:
push:
branches:
- main
- "release/**"
paths:
- "access_manager/**"
- "internal/deploy/**"
jobs:
build-access-manager:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Check out repository
id: checkout
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
- name: Setup Go environment
uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1
with:
go-version: "1.19.2"
- name: Build and upload access-manager container image
id: build-and-upload
uses: ./.github/actions/build_micro_service
with:
name: access-manager
projectVersion: "0.0.0"
dockerfile: access_manager/Dockerfile
githubToken: ${{ secrets.GITHUB_TOKEN }}
cosignPublicKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
cosignPassword: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}