kubescape/.github/workflows/02-release.yaml
2025-12-12 15:59:11 +01:00


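# Release workflow. Triggered by a pushed release-candidate tag (v*.*.*-rc.*) or
# by a manual dispatch that simulates one. The `retag` job derives NEW_TAG from
# the rc tag via the local tag-action; the `release` job tags the checkout,
# builds, signs and (unless skipped) publishes with GoReleaser.
name: 02-create_release

# Workflow-wide default: every GITHUB_TOKEN scope is read-only. The `release`
# job below replaces this with its own explicit permission block.
permissions: read-all

# `on` is a YAML 1.1 boolean-looking key; GitHub's loader handles it, so it stays.
on:
  push:
    tags:
      - "v*.*.*-rc.*"
  workflow_dispatch:
    inputs:
      skip_publish:
        description: "Skip publishing artifacts"
        required: false
        # Defaults to a dry run so a manual dispatch cannot publish by accident.
        default: true
        type: boolean
      release_tag:
        description: "Release tag to simulate (must contain -rc, e.g. v0.0.0-rc.0)"
        required: false
        default: "v0.0.0-rc.0"
        type: string

jobs:
  # Computes NEW_TAG (the source tag with "-rc" removed) for the release job.
  retag:
    outputs:
      NEW_TAG: ${{ steps.tag-calculator.outputs.NEW_TAG }}
    runs-on: ubuntu-large
    steps:
      - uses: actions/checkout@v4
      - id: tag-calculator
        uses: ./.github/actions/tag-action
        with:
          # A manual dispatch may supply the tag to simulate; tag pushes use the pushed ref.
          ORIGINAL_TAG: ${{ inputs.release_tag != '' && inputs.release_tag || github.ref_name }}
          SUB_STRING: "-rc"

  release:
    # Only contents, packages and id-token are elevated to write; the other
    # entries restate the read-only workflow default for this job and could be
    # trimmed if a later review confirms GoReleaser does not need them.
    permissions:
      actions: read
      checks: read
      contents: write
      deployments: read
      discussions: read
      id-token: write
      issues: read
      models: read
      packages: write
      pages: read
      pull-requests: read
      repository-projects: read
      statuses: read
      security-events: read
      attestations: read
      artifact-metadata: read
    needs: [retag]
    runs-on: ubuntu-large
    steps:
      # NOTE(review): third-party actions below are pinned to tags, not commit
      # SHAs, and `download-syft@v0` floats on a major version; SHA pins would
      # make the supply chain reproducible.
      - uses: actions/checkout@v4
        with:
          # Full history; presumably needed for the tagging and GoReleaser steps below.
          fetch-depth: 0
      - uses: actions/setup-go@v5
        with:
          go-version: "1.25"
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - name: Install Cosign
        uses: sigstore/cosign-installer@v3.5.0
      - name: Create Cosign Key
        # The secret is passed through the environment instead of being
        # interpolated with `${{ }}` into the script text, so key material
        # containing quotes, `$` or backticks is neither mangled nor evaluated
        # by the shell. The file is created owner-readable only.
        env:
          COSIGN_KEY: ${{ secrets.COSIGN_PRIVATE_KEY_V1 }}
        run: |
          umask 077
          printf '%s\n' "$COSIGN_KEY" > cosign.key
      - name: Tag Release
        # Same pattern: the tag ultimately comes from a pushed ref name or a
        # dispatch input, so it is quoted as a shell variable rather than
        # spliced into the command line.
        env:
          NEW_TAG: ${{ needs.retag.outputs.NEW_TAG }}
        run: |
          git tag "$NEW_TAG"
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to Quay.io
        uses: docker/login-action@v3
        with:
          registry: quay.io
          username: ${{ secrets.QUAYIO_REGISTRY_USERNAME }}
          password: ${{ secrets.QUAYIO_REGISTRY_PASSWORD }}
      - name: Setup Syft
        uses: anchore/sbom-action/download-syft@v0
      - name: Create k8s Kind Cluster
        uses: helm/kind-action@v1.10.0
        with:
          cluster_name: kubescape-e2e
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v6
        with:
          distribution: goreleaser
          # `latest` is not reproducible; pin a GoReleaser version if builds
          # must be repeatable.
          version: latest
          # On tag pushes `inputs.skip_publish` is empty, so publishing proceeds.
          args: release --clean ${{ inputs.skip_publish == true && '--skip=publish' || '' }}
        env:
          # Prefers the PAT when configured, otherwise the job-scoped token.
          GITHUB_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN || secrets.GITHUB_TOKEN }}
          COSIGN_PWD: ${{ secrets.COSIGN_PRIVATE_KEY_V1_PASSWORD }}
          RELEASE: ${{ needs.retag.outputs.NEW_TAG }}
          CLIENT: release
          RUN_E2E: "true"
      - name: Remove Cosign Key
        # Runs even when GoReleaser fails so the private key does not outlive the job.
        if: always()
        run: rm -f cosign.key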