From cc1ffbf3374d495b58d273ac26a1881631cc4435 Mon Sep 17 00:00:00 2001
From: Javan lacerda <javanlacerda@google.com>
Date: Fri, 20 Sep 2024 18:00:15 +0000
Subject: [PATCH] adding breaking change label to container

Signed-off-by: Javan lacerda <javanlacerda@google.com>
---
 .github/workflows/container-build.yml | 22 +++++++++++++---------
 Makefile                              |  1 +
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/container-build.yml b/.github/workflows/container-build.yml
index 5286824f4..a87cd9854 100644
--- a/.github/workflows/container-build.yml
+++ b/.github/workflows/container-build.yml
@@ -26,7 +26,9 @@ jobs:
     name: build
     runs-on: ubuntu-latest
 
-    if: github.repository == 'sigstore/fulcio'
+    if: github.repository == 'javanlacerda/fulcio'
+    env:
+      GH_TOKEN: ${{ github.token }}
 
     permissions:
       id-token: write
@@ -50,14 +52,16 @@ jobs:
 
       - uses: ko-build/setup-ko@3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037 # v0.7
 
-      - name: Set up Cloud SDK
-        uses: google-github-actions/auth@62cf5bd3e4211a0a0b51f2c6d6a37129d828611d # v2.1.5
-        with:
-          workload_identity_provider: 'projects/498091336538/locations/global/workloadIdentityPools/githubactions/providers/sigstore-fulcio'
-          service_account: 'github-actions-fulcio@projectsigstore.iam.gserviceaccount.com'
 
-      - name: creds
-        run: gcloud auth configure-docker --quiet
+      - name: formated label for breaking change
+        id: breaking_change
+        run: |
+          BRANCH_NUMBER=$(gh pr list --state all --search "sha:$GITHUB_SHA" --label "breaking-change" | awk '{print $1}')
+          echo $BRANCH_NUMBER
+          if [ ! -z "$BRANCH_NUMBER" ]; then \
+            echo "FORMATED_LABEL=--image-label breaking-change=true" >> $GITHUB_OUTPUT
+          fi
 
       - name: container
-        run: KO_PREFIX=gcr.io/projectsigstore/fulcio/ci/fulcio make sign-keyless-ci
+        run: |
+          KO_PREFIX=gcr.io/projectsigstore/fulcio/ci/fulcio FORMATED_LABEL=${{ steps.breaking_change.outputs.FORMATED_LABEL }} make sign-keyless-ci
diff --git a/Makefile b/Makefile
index 1c95803fc..7cfc4ecfd 100644
--- a/Makefile
+++ b/Makefile
@@ -124,6 +124,7 @@ ko:
 	LDFLAGS="$(LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
 	KO_DOCKER_REPO=$(KO_PREFIX)/fulcio ko resolve --bare \
 		--platform=linux/amd64 --tags $(GIT_VERSION) --tags $(GIT_HASH) \
+		$(FORMATED_LABEL) \
 		--image-refs fulcioImagerefs --filename config/ > $(FULCIO_YAML)
 
 .PHONY: ko-local