Skip to content

chore(goreleaser): fixes generate-notices-file.sh #26

chore(goreleaser): fixes generate-notices-file.sh

chore(goreleaser): fixes generate-notices-file.sh #26

Workflow file for this run

# SPDX-License-Identifier: MIT
name: release
on:
push:
# run only against tags
tags:
- 'v*'
permissions:
contents: write
id-token: write
jobs:
goreleaser:
runs-on: ubuntu-latest
steps:
- name: Login to ghcr.io
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
fetch-depth: 0
- run: git fetch --force --tags
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '1.22.5'
- name: Synopsys Detect
run: |
GITHUB_REF="$(echo $GITHUB_REF_NAME | tr ':/' '_')"
BLACKDUCK_SCAN_VERSION_NAME="${GITHUB_REF}_${GITHUB_SHA}"
export BLACKDUCK_SCAN_VERSION_NAME
# create the tmp directory as we also do during the release process
mkdir -p tmp
./hack/foss-scan.sh
mv tmp/Black_Duck_Notices_Report.txt tmp/3RD_PARTY_LICENSES.txt
env:
BLACKDUCK_URL: ${{ secrets.BLACKDUCK_URL }}
BLACKDUCK_PROJECT_NAME: ${{ secrets.BLACKDUCK_PROJECT_NAME }}
BLACKDUCK_TOKEN: ${{ secrets.BLACKDUCK_TOKEN }}
- name: SBOM
run: make sbom
- name: release
run: make release
env:
GITHUB_TOKEN: ${{ secrets.GORELEASER_GITHUB_TOKEN }}