chore: release assets for multiple platforms #434
Conversation
Signed-off-by: Shunsuke Suzuki <[email protected]>
.github/workflows/release.yml
Outdated
| permissions: | ||
| actions: read # For the detection of GitHub Actions environment. | ||
| id-token: write # For signing. | ||
| contents: write # For asset uploads. | ||
| uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] | ||
| with: | ||
| go-version: 1.18 | ||
| config-file: .github/config-release.yml | ||
| config-file: .slsa-goreleaser-${{matrix.os}}-${{matrix.arch}}.yml | ||
| compile-builder: true | ||
| evaluated-envs: "VERSION:${{needs.args.outputs.version}}" | ||
|
|
||
| # In case this fails, e.g. build configuration changes, file an issue in slsa-verifier | ||
| if-failed: |
There was a problem hiding this comment.
@laurentsimon @asraa Do we even need this in the release workflow? It's not a pre-submit so I don't think we need it to create GitHub issues?
There was a problem hiding this comment.
I think you're right we can remove the if-failed. @suzuki-shunsuke please remove it and let's merge.
There was a problem hiding this comment.
Removed. bec4a0b
|
I tested, then SLSA Provenance was created successfully. The files were created per platform separately.
I think ideally Provenance files should be merged into one file |
Yeah, ideally we'd do that but I think it's ok for now. See slsa-framework/slsa-github-generator#63 |
Signed-off-by: Shunsuke Suzuki <[email protected]>
Signed-off-by: Shunsuke Suzuki <[email protected]>
|
I added macOS and windows. |
.github/workflows/release.yml
Outdated
| permissions: | ||
| actions: read # For the detection of GitHub Actions environment. | ||
| id-token: write # For signing. | ||
| contents: write # For asset uploads. | ||
| uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] | ||
| with: | ||
| go-version: 1.18 | ||
| config-file: .github/config-release.yml | ||
| config-file: .slsa-goreleaser-${{matrix.os}}-${{matrix.arch}}.yml | ||
| compile-builder: true | ||
| evaluated-envs: "VERSION:${{needs.args.outputs.version}}" | ||
|
|
||
| # In case this fails, e.g. build configuration changes, file an issue in slsa-verifier | ||
| if-failed: |
There was a problem hiding this comment.
I think you're right we can remove the if-failed. @suzuki-shunsuke please remove it and let's merge.
This job is unneeded anymore. #434 (comment) Signed-off-by: Shunsuke Suzuki <[email protected]>
.github/workflows/release.yml
Outdated
| permissions: | ||
| actions: read # For the detection of GitHub Actions environment. | ||
| id-token: write # For signing. | ||
| contents: write # For asset uploads. | ||
| uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] | ||
| with: | ||
| go-version: 1.18 | ||
| config-file: .github/config-release.yml | ||
| config-file: .slsa-goreleaser-${{matrix.os}}-${{matrix.arch}}.yml |
There was a problem hiding this comment.
Could you move the config files into a new .goreleaser folder? Sorry, I did not catch this earlier. Thanks!
There was a problem hiding this comment.
These configuration files are not for GoReleaser, so I prefer .slsa-goreleaser than .goreleaser.
How about .slsa-goreleaser/${{matrix.os}}-${{matrix.arch}}.yml?
What do you think?
There was a problem hiding this comment.
Moved. 477c130
There was a problem hiding this comment.
Signed-off-by: Shunsuke Suzuki <[email protected]>
#421 (comment)