|
|
|
@ -1,40 +1,25 @@ |
|
|
|
# This workflow uses actions that are not certified by GitHub. |
|
|
|
|
|
|
|
# They are provided by a third-party and are governed by |
|
|
|
|
|
|
|
# separate terms of service, privacy policy, and support |
|
|
|
|
|
|
|
# documentation. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# This workflow lets you compile your Go project using a SLSA3 compliant builder. |
|
|
|
|
|
|
|
# This workflow will generate a so-called "provenance" file describing the steps |
|
|
|
|
|
|
|
# that were performed to generate the final binary. |
|
|
|
|
|
|
|
# The project is an initiative of the OpenSSF (openssf.org) and is developed at |
|
|
|
|
|
|
|
# https://github.com/slsa-framework/slsa-github-generator. |
|
|
|
|
|
|
|
# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier. |
|
|
|
|
|
|
|
# For more information about SLSA and how it improves the supply-chain, visit slsa.dev. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
name: SLSA Go releaser |
|
|
|
name: SLSA Go releaser |
|
|
|
|
|
|
|
|
|
|
|
on: |
|
|
|
on: |
|
|
|
workflow_dispatch: |
|
|
|
workflow_dispatch: |
|
|
|
release: |
|
|
|
release: |
|
|
|
types: [created] |
|
|
|
types: [created] |
|
|
|
|
|
|
|
|
|
|
|
permissions: read-all |
|
|
|
permissions: |
|
|
|
|
|
|
|
id-token: write |
|
|
|
|
|
|
|
contents: write |
|
|
|
|
|
|
|
actions: read |
|
|
|
|
|
|
|
|
|
|
|
jobs: |
|
|
|
jobs: |
|
|
|
# ======================================================================================================================================== |
|
|
|
|
|
|
|
# Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project. |
|
|
|
|
|
|
|
# See format in https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#configuration-file |
|
|
|
|
|
|
|
#========================================================================================================================================= |
|
|
|
|
|
|
|
build: |
|
|
|
build: |
|
|
|
permissions: |
|
|
|
permissions: |
|
|
|
id-token: write # To sign. |
|
|
|
id-token: write # To sign. |
|
|
|
contents: write # To upload release assets. |
|
|
|
contents: write # To upload release assets. |
|
|
|
actions: read # To read workflow path. |
|
|
|
actions: read # To read workflow path. |
|
|
|
uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@v1.4.0 |
|
|
|
uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@v1.4.0 |
|
|
|
with: |
|
|
|
with: |
|
|
|
go-version: 1.19 |
|
|
|
go-version: 1.19 |
|
|
|
# ============================================================================================================= |
|
|
|
output: ./dist |
|
|
|
# Optional: For more options, see https://github.com/slsa-framework/slsa-github-generator#golang-projects |
|
|
|
|
|
|
|
# ============================================================================================================= |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
publish: |
|
|
|
publish: |
|
|
|
needs: build |
|
|
|
needs: build |
|
|
|
|
yuriy0803
2 years ago
committed by
GitHub