Build

Update sigstore/cosign-installer action to v3 #1673

Summary
Jobs
- build
- sign
Run details
- Usage
- Workflow file

Workflow file for this run

	name: Build

	on:
	push:
	branches:
	- 'main'
	tags:
	- '*'
	pull_request:
	branches:
	- 'main'


	jobs:
	build:
	runs-on: ubuntu-latest
	permissions:
	actions: none
	checks: none
	contents: none
	deployments: none
	issues: none
	packages: write
	pull-requests: none
	repository-projects: none
	security-events: none
	statuses: none
	id-token: none

	steps:
	- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0

	- name: Login to GitHub
	if: github.event_name != 'pull_request'
	uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # tag=v2.1.0
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- id: docker_meta
	uses: docker/metadata-action@57396166ad8aefe6098280995947635806a0e6ea # tag=v4.1.1
	with:
	images: \|
	ghcr.io/${{ github.repository }}
	flavor: \|
	latest=true
	tags: \|
	type=sha,format=long
	type=edge,branch=$repo.default_branch
	type=semver,pattern={{version}}
	type=semver,pattern={{major}}.{{minor}}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # tag=v2

	- name: push
	uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 # tag=v3.2.0
	with:
	# platforms: linux/arm64,linux/amd64
	tags: ${{ steps.docker_meta.outputs.tags }}
	labels: ${{ steps.docker_meta.outputs.labels }}
	push: ${{ github.event_name != 'pull_request' }}

	outputs:
	tags: ${{ steps.docker_meta.outputs.tags }}

	sign:
	if: github.event_name != 'pull_request'
	needs: build
	runs-on: ubuntu-latest
	permissions:
	actions: none
	checks: none
	contents: none
	deployments: none
	issues: none
	packages: write
	pull-requests: none
	repository-projects: none
	security-events: none
	statuses: none
	id-token: write

	steps:
	- name: Login to GitHub
	uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # tag=v2.1.0
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0

	- name: Sign the images
	run: cosign sign ${TAGS}
	env:
	TAGS: ${{needs.build.outputs.tags}}
	COSIGN_EXPERIMENTAL: 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update sigstore/cosign-installer action to v3 #1673

Workflow file

Update sigstore/cosign-installer action to v3 #1673

Jobs

Run details

Workflow file for this run