Skip to content

Commit

Permalink
adding breaking change label to container
Browse files Browse the repository at this point in the history
Signed-off-by: Javan lacerda <javanlacerda@google.com>
  • Loading branch information
javanlacerda committed Sep 21, 2024
1 parent f019ef6 commit cc1ffbf
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 9 deletions.
22 changes: 13 additions & 9 deletions .github/workflows/container-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,9 @@ jobs:
name: build
runs-on: ubuntu-latest

if: github.repository == 'sigstore/fulcio'
if: github.repository == 'javanlacerda/fulcio'
env:
GH_TOKEN: ${{ github.token }}

permissions:
id-token: write
Expand All @@ -50,14 +52,16 @@ jobs:

- uses: ko-build/setup-ko@3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037 # v0.7

- name: Set up Cloud SDK
uses: google-github-actions/auth@62cf5bd3e4211a0a0b51f2c6d6a37129d828611d # v2.1.5
with:
workload_identity_provider: 'projects/498091336538/locations/global/workloadIdentityPools/githubactions/providers/sigstore-fulcio'
service_account: 'github-actions-fulcio@projectsigstore.iam.gserviceaccount.com'

- name: creds
run: gcloud auth configure-docker --quiet
- name: formated label for breaking change
id: breaking_change
run: |
BRANCH_NUMBER=$(gh pr list --state all --search "sha:$GITHUB_SHA" --label "breaking-change" | awk '{print $1}')
echo $BRANCH_NUMBER
if [ ! -z "$BRANCH_NUMBER" ]; then \
echo "FORMATED_LABEL=--image-label breaking-change=true" >> $GITHUB_OUTPUT
fi
- name: container
run: KO_PREFIX=gcr.io/projectsigstore/fulcio/ci/fulcio make sign-keyless-ci
run: |
KO_PREFIX=gcr.io/projectsigstore/fulcio/ci/fulcio FORMATED_LABEL=${{ steps.breaking_change.outputs.FORMATED_LABEL }} make sign-keyless-ci
1 change: 1 addition & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,7 @@ ko:
LDFLAGS="$(LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
KO_DOCKER_REPO=$(KO_PREFIX)/fulcio ko resolve --bare \
--platform=linux/amd64 --tags $(GIT_VERSION) --tags $(GIT_HASH) \
$(FORMATED_LABEL) \
--image-refs fulcioImagerefs --filename config/ > $(FULCIO_YAML)

.PHONY: ko-local
Expand Down

0 comments on commit cc1ffbf

Please sign in to comment.