forked from securego/gosec
-
Notifications
You must be signed in to change notification settings - Fork 0
54 lines (54 loc) · 1.55 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
name: Release
on:
push:
tags:
- 'v*'
jobs:
build:
runs-on: ubuntu-latest
env:
GO111MODULE: on
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Unshallow
run: git fetch --prune --unshallow
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.22.7'
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate SBOM
uses: CycloneDX/gh-gomod-generate-sbom@v2
with:
version: v1
args: mod -licenses -json -output bom.json
- name: Docker meta
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository_owner }}/gosec
flavor: |
latest=true
tags: |
type=sha,format=long
type=semver,pattern={{version}}
- name: Release Docker Image
uses: docker/build-push-action@v6
id: relimage
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: true
build-args: GO_VERSION=1.22