Skip to content

Commit 4af6841

Browse files
vibecheck-botvibecheck-bot
authored
Merge pull request #27 from rshdhere/feat/goreleaser-openssf
ci: remove version pinning and add SLSA provenance attestation
2 parents b344d65 + b71529c commit 4af6841

File tree

1 file changed

+12
-4
lines changed

1 file changed

+12
-4
lines changed

.github/workflows/release.yaml

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -17,23 +17,31 @@ jobs:
1717

1818
steps:
1919
- name: Checkout
20-
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
20+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5
2121
with:
2222
fetch-depth: 0
2323

2424
- name: Set up Go
25-
uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.6.0
25+
uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff
2626
with:
2727
go-version: "1.23"
2828

2929
- name: Install Cosign
3030
uses: sigstore/cosign-installer@v3
3131

32-
- name: Set up GoReleaser
33-
uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0
32+
- name: Run GoReleaser
33+
uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a
3434
with:
3535
version: latest
3636
args: release --clean
3737
env:
3838
GITHUB_TOKEN: ${{ secrets.PAT_GITHUB }}
3939
HOMEBREW_TOKEN: ${{ secrets.HOMEBREW_TOKEN }}
40+
41+
- name: Generate SLSA provenance
42+
uses: actions/attest-build-provenance@v1
43+
with:
44+
subject-path: |
45+
dist/*.tar.gz
46+
dist/*.zip
47+
dist/checksums.txt

0 commit comments

Comments
 (0)