Skip to content
This repository was archived by the owner on Sep 17, 2025. It is now read-only.
/ vipdatasync Public archive

Commit bb95559

Browse files
tangrufustangrufus
committed
action main
1 parent 19b2824 commit bb95559

File tree

1 file changed

+7
-12
lines changed

1 file changed

+7
-12
lines changed

.github/workflows/go-release.yml

Lines changed: 7 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,7 @@ jobs:
1313
permissions:
1414
contents: write
1515
outputs:
16-
build-provenance-artifact-name: build-provenance
1716
build-provenance-artifact-id: ${{ steps.upload-build-provenance.outputs.artifact-id }}
18-
sbom-artifact-name: sbom-artifact
1917
sbom-artifact-id: ${{ steps.upload-sbom.outputs.artifact-id }}
2018
sbom-attestations: ${{ steps.upload-sbom.outputs.attestations }}
2119
steps:
@@ -41,10 +39,8 @@ jobs:
4139
dist/vipdatasync_*/vipdatasync
4240
dist/vipdatasync_*.tar.gz
4341
dist/**/*.sbom.json
44-
- uses: typisttech/upload-goreleaser-sboms-action@v0
42+
- uses: typisttech/upload-goreleaser-sboms-action@main
4543
id: upload-sbom
46-
with:
47-
artifact: sbom-artifact
4844

4945
attest-build-provenance:
5046
needs: [release]
@@ -56,7 +52,7 @@ jobs:
5652
- uses: actions/download-artifact@v4
5753
with:
5854
path: dist
59-
name: ${{ needs.release.outputs.build-provenance-artifact-name }}
55+
name: build-provenance
6056
- uses: actions/attest-build-provenance@v1
6157
with:
6258
subject-path: |
@@ -76,30 +72,29 @@ jobs:
7672
steps:
7773
- uses: actions/download-artifact@v4
7874
with:
79-
name: ${{ needs.release.outputs.sbom-artifact-name }}
75+
name: sbom-artifact
8076
- uses: actions/attest-sbom@v1
8177
with:
8278
subject-path: ${{ matrix.attestation.subject }}
8379
sbom-path: ${{ matrix.attestation.sbom }}
8480

85-
verify-attestation:
81+
verify:
8682
needs: [release, attest-build-provenance, attest-sbom]
8783
runs-on: ubuntu-latest
8884
steps:
89-
- run: gh release download --clobber --dir artifacts --repo $REPO --pattern $PATTERN $TAG
85+
- run: gh release download --clobber --dir artifacts --repo $REPO $TAG
9086
env:
9187
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
9288
REPO: ${{ github.repository }}
93-
PATTERN: '*'
9489
TAG: ${{ github.ref_name }}
9590
- run: ls | xargs -I {} gh attestation verify --repo $REPO {}
9691
working-directory: artifacts
9792
env:
9893
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
9994
REPO: ${{ github.repository }}
10095

101-
cleanup-artifact:
102-
needs: [release, verify-attestation]
96+
cleanup:
97+
needs: [release, verify]
10398
runs-on: ubuntu-latest
10499
permissions:
105100
actions: write

0 commit comments

Comments
 (0)