actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-06 03:55:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
gosec/.github/workflows/release.yml
Niklas 0ee8ad3d5b
Use version ^v0 instead of latest for cyclonedx-gomod (#667) 
To avoid breaking the build when cyclonedx-gomod introduces breaking changes in a new major version. See https://github.com/CycloneDX/gh-gomod-generate-sbom/releases/tag/v0.3.0

Signed-off-by: nscuro <nscuro@protonmail.com>
2021-07-19 11:25:04 +02:00

46 lines
1.3 KiB
YAML
Raw Blame History

name: Release
on:
push:
tags:
- 'v*'
jobs:
build:
runs-on: ubuntu-latest
env:
GO111MODULE: on
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
steps:
- name: Checkout Source
uses: actions/checkout@v2
- name: Unshallow
run: git fetch --prune --unshallow
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.16.x
- name : Get release version
id: get_version
run: echo ::set-env name=RELEASE_VERSION::$(echo ${GITHUB_REF:10})
- name: Generate SBOM
uses: CycloneDX/gh-gomod-generate-sbom@v0.3.0
with:
json: true
output: bom.json
resolve-licenses: true
version: ^v0
- name: Release Binaries
uses: goreleaser/goreleaser-action@v2
with:
version: latest
args: release --rm-dist
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Release Docker Image
uses: elgohr/Publish-Docker-Github-Action@master
with:
name: securego/gosec
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
buildargs: GO_VERSION=1.16
tags: "latest,${{ env.RELEASE_VERSION }}"
tag_names: true
Reference in a new issue View git blame Copy permalink