
fix(ci): Update build permissions #15

fix(ci): Update build permissions

fix(ci): Update build permissions #15

Workflow file for this run

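# Release workflow: on every push to main (or a manual dispatch) read the
# version from .release.yml, compare it with the latest published GitHub
# release, and only when they differ publish the container image and then
# create the GitHub release through the shared reusable workflows.
name: Release

on:
  push:
    branches: [main]
  workflow_dispatch:

env:
  REGISTRY: ghcr.io

jobs:
  # Decides whether a release is needed and exposes `version` / `release`
  # as job outputs for the downstream jobs.
  set-version:
    runs-on: ubuntu-latest
    # Least privilege: this job only checks out the repo and reads the
    # latest release, so the token does not need any write scope.
    permissions:
      contents: read
    outputs:
      release: ${{ steps.set-version.outputs.release }}
      version: ${{ steps.set-version.outputs.version }}
    steps:
      - name: "Checkout"
        uses: actions/checkout@v4
        with:
          # The job never pushes; do not leave the token in .git/config.
          persist-credentials: false

      - name: "Get and Set version"
        id: set-version
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          set -e
          if [[ -f .release.yml ]]; then
            # NOTE(review): unpinned install from PyPI at build time; pin an
            # exact version (ideally with hashes) so a compromised or changed
            # upload cannot alter the release decision.
            pip install yq
            current_version=$(yq -r ".version" .release.yml)
            echo "Current Version :: $current_version"
            # The version output is written once here and is available
            # whether or not a release is triggered.
            echo "version=$current_version" >> "$GITHUB_OUTPUT"
          else
            echo "Failed to find version..."
            exit 1
          fi

          # NOTE(review): there is no `pipefail`, so a failing `gh api` does
          # not stop the step; the comparison then runs against whatever jq
          # printed (presumably "null" when no release exists yet - confirm).
          released_version=$(gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /repos/:owner/:repo/releases/latest | jq -r ".tag_name")

          if [[ "$current_version" == "NA" || "$current_version" == "$released_version" ]]; then
            echo "No new release found"
            echo "release=false" >> "$GITHUB_OUTPUT"
          else
            echo "New release found"
            echo "release=true" >> "$GITHUB_OUTPUT"
          fi

  # Builds and publishes the container image (with SBOM) when a new
  # version was detected.
  publish-image:
    # NOTE(review): `@main` is a mutable ref. Together with `secrets: inherit`
    # and the write permissions below, any change landing on that branch runs
    # with this repository's secrets and token. Pin to a full commit SHA.
    uses: advanced-security/reusable-workflows/.github/workflows/container-publish.yml@main
    needs: [set-version]
    if: ${{ needs.set-version.outputs.release == 'true' }}
    # NOTE(review): `inherit` hands every secret to the called workflow;
    # prefer passing only the secrets it actually needs.
    secrets: inherit
    permissions:
      contents: write
      id-token: write
      packages: write
      actions: read
      attestations: write
    with:
      version: ${{ needs.set-version.outputs.version }}
      sbom: true

  # Creates the GitHub release once the image has been published.
  github-release:
    # NOTE(review): same mutable-ref concern as publish-image; pin to a SHA.
    uses: advanced-security/reusable-workflows/.github/workflows/release.yml@main
    # `needs.<job>` is only populated for direct dependencies, so set-version
    # must be listed here for the `version` input below to resolve; with only
    # publish-image listed the expression evaluates to an empty string.
    needs: [set-version, publish-image]
    # NOTE(review): no `permissions:` block is declared, so this job runs with
    # the repository's default token permissions; declare explicitly what
    # release.yml requires.
    secrets: inherit
    with:
      version: ${{ needs.set-version.outputs.version }}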