Skip to content
RELEASE: Make release candidate

RELEASE: Make release candidate #40

Sign in to view logs

RELEASE: Make release candidate

RELEASE: Make release candidate #40

Workflow file for this run

.github/workflows/release_draft.yml at 643b8be
name: "RELEASE: Make release candidate"
on:
push:
tags:
- v[0-9]+.[0-9]+.[0-9]+
- v[0-9]+.[0-9]+.[0-9]+-*
jobs:
draft_release:
outputs:
hashes: ${{ steps.collect.outputs.hashes }}
name: draft release
runs-on: ubuntu-latest
permissions:
packages: write
contents: write
pull-requests: write
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 0
# Why "fetch-depth: 0"? To generate the release notes, we need the
# full git history. A shallow checkout would make release notes going
# back one commit.
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ^1.23
# Stringer is needed because .goreleaser includes "go generate ./..."
- name: Install stringer
run: |
go install golang.org/x/tools/cmd/stringer@latest
# use GoReleaser to build for all platforms.
-
id: release
name: Goreleaser release
uses: goreleaser/goreleaser-action@v6
with:
distribution: goreleaser
version: latest
args: release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
name: Collect artifact digests
id: collect
run: |
echo "generating digests for artifacts"
echo "hashes=$(find dist -type f \( -name \*dnscontrol\* -o -name \*checksums.txt \) -exec sha256sum {} \; | base64 -w0)" >> "$GITHUB_OUTPUT"
slsa:
needs: [draft_release]
permissions:
actions: read
id-token: write
contents: write
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
with:
base64-subjects: ${{ needs.draft_release.outputs.hashes }}
upload-assets: true
draft-release: true