File tree Expand file tree Collapse file tree 3 files changed +42
-0
lines changed
Expand file tree Collapse file tree 3 files changed +42
-0
lines changed Original file line number Diff line number Diff line change 1+ <!-- markdownlint-disable MD041 -->
2+
3+ ### :clipboard : Summary
4+
5+ <!-- Manually fill this summary, taking note of any changes relevant to the end user.
6+ When a change requires action, or emphasis, use '> [!NOTE]' notation.
7+ -->
8+
9+ #### :bookmark : Packages
10+
11+ | Container | Full identifier |
12+ | -----------------------| ---------------------------------------------------------------------------------------------------------------------------|
13+ | amp-devcontainer-cpp | ghcr.io/philips-software/amp-devcontainer-cpp:{{ amp-devcontainer-cpp-version }}@sha256 :{{ amp-devcontainer-cpp-sha }} |
14+ | amp-devcontainer-rust | ghcr.io/philips-software/amp-devcontainer-rust:{{ amp-devcontainer-rust-version }}@sha256 :{{ amp-devcontainer-rust-sha }} |
15+
Original file line number Diff line number Diff line change @@ -130,6 +130,22 @@ jobs:
130130 GH_TOKEN : ${{ github.token }}
131131 run : |
132132 gh attestation verify --repo ${{ github.repository }} oci://${{ env.REGISTRY }}/${{ github.repository }}-${{ matrix.flavor }}@${{ steps.build-and-push.outputs.digest }}
133+ name : Upload provenance to release
134+ if : startsWith(github.ref, 'refs/tags/')
135+ env :
136+ GH_TOKEN : ${{ github.token }}
137+ run : |
138+ gh attestation verify --repo ${{ github.repository }} oci://${{ env.REGISTRY }}/${{ github.repository }}-${{ matrix.flavor }}@${{ steps.build-and-push.outputs.digest }} --format json --jq '.[] | .attestation.bundle.dsseEnvelope | select(.payloadType == "application/vnd.in-toto+json").payload' | base64 -d | jq . > ${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ matrix.flavor }}_sha256_${{ steps.build-and-push.outputs.digest }}.intoto.jsonl
139+ gh release upload ${{ github.ref_name }} ./*.intoto.jsonl
140+ name : Update package details in release
141+ if : startsWith(github.ref, 'refs/tags/')
142+ env :
143+ GH_TOKEN : ${{ github.token }}
144+ run : |
145+ UPDATED_NOTES=$(gh release view ${{ github.ref_name }} --json body -q '.body')
146+ UPDATED_NOTES=${UPDATED_NOTES//'{{ amp-devcontainer-${{ matrix.flavor }}-version }}'/'${{ github.ref_name }}'}
147+ UPDATED_NOTES=${UPDATED_NOTES//'{{ amp-devcontainer-${{ matrix.flavor }}-sha }}'/'${{ steps.build-and-push.outputs.digest }}'}
148+ gh release edit ${{ github.ref_name }} --notes "${UPDATED_NOTES}"
133149acceptance-test :
134150 if : github.event_name == 'pull_request'
135151 needs : build-push
Original file line number Diff line number Diff line change 2222 app-id : ${{ vars.FOREST_RELEASER_APP_ID }}
2323 private-key : ${{ secrets.FOREST_RELEASER_APP_PRIVATE_KEY }}
2424 - uses : googleapis/release-please-action@a02a34c4d625f9be7cb89156071d8567266a2445 # v4.2.0
25+ id : release
2526 with :
2627 token : ${{ steps.token.outputs.token }}
28+ - name : Amend release description
29+ if : ${{ steps.release.outputs.release_created }}
30+ env :
31+ GITHUB_TOKEN : ${{ steps.token.outputs.token }}
32+ run : |
33+ CURRENT_NOTES=$(gh release view ${{ steps.release.outputs.tag_name }} --json body -q '.body')
34+ HEADER=$(echo "$CURRENT_NOTES" | awk '/^## / {print; exit}')
35+ TEMPLATE=$(cat ../RELEASE_TEMPLATE.md)
36+ BODY=$(echo "$CURRENT_NOTES" | sed "0,/^## /d")
37+ gh release edit ${{ steps.release.outputs.tag_name }} --notes "${HEADER}${TEMPLATE}${BODY}"
You can’t perform that action at this time.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments