Skip to content

Use setup-envtest to set up envtest for integration tests #107

Use setup-envtest to set up envtest for integration tests

Use setup-envtest to set up envtest for integration tests #107

Workflow file for this run

name: Build and deploy elector
on:
- push
jobs:
build_push_sign:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
env:
RUNNER_IMG: "gcr.io/distroless/static-debian11"
RUNNERIMG_IDENTITY: "keyless@distroless.iam.gserviceaccount.com"
RUNNERIMG_ISSUER: "https://accounts.google.com"
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # ratchet:actions/checkout@v3
- name: Install cosign
uses: sigstore/cosign-installer@38ab09d8bfc57c5240fe014ad3ec50c4904219a1 # ratchet:sigstore/cosign-installer@main
with:
cosign-release: 'v2.0.0'
- name: Verify runner image
run: cosign verify --certificate-identity ${{ env.RUNNERIMG_IDENTITY }} --certificate-oidc-issuer ${{ env.RUNNERIMG_ISSUER }} ${{ env.RUNNER_IMG }}
- uses: nais/platform-build-push-sign@2a0a82c67a7bda6d954542edf187dde0c868983c # ratchet:nais/platform-build-push-sign@main
with:
name: elector
dockerfile: Dockerfile
google_service_account: gh-elector
push: ${{ github.actor != 'dependabot[bot]' }}
workload_identity_provider: ${{ secrets.NAIS_IO_WORKLOAD_IDENTITY_PROVIDER }}