fix(cli): show digest in stdout in att push command (#812) #32
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Documentation | |
| on: | |
| push: | |
| tags: ["v*.*.*"] | |
| workflow_dispatch: | |
| # Limit to a single workflow | |
| concurrency: "deploy-to-prod" | |
| jobs: | |
| chainloop_init: | |
| name: Chainloop Init | |
| uses: chainloop-dev/labs/.github/workflows/chainloop_init.yml@f055bc60d670593b6d1646c45dd2e3e091bf6743 | |
| secrets: | |
| api_token: ${{ secrets.CHAINLOOP_ROBOT_ACCOUNT_DOCS_RELEASE }} | |
| with: | |
| chainloop_labs_branch: f055bc60d670593b6d1646c45dd2e3e091bf6743 | |
| deploy_docs: | |
| name: Deploy Documentation | |
| runs-on: ubuntu-latest | |
| needs: | |
| - chainloop_init | |
| defaults: | |
| run: | |
| working-directory: ./docs | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| sparse-checkout: | | |
| docs | |
| sparse-checkout-cone-mode: false | |
| - name: Install Syft | |
| run: | | |
| # Install Syft | |
| wget --no-verbose https://raw.githubusercontent.com/anchore/syft/main/install.sh -O - | sh -s -- -b /usr/local/bin | |
| - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
| with: | |
| node-version: 18 | |
| - name: yarn install | |
| run: yarn install | |
| - name: Build | |
| run: netlify build | |
| - name: Deploy | |
| run: netlify deploy --prod | |
| - name: Generate reports | |
| run: | | |
| mkdir -p reports | |
| tar -czf reports/build.tar.gz build | |
| - uses: anchore/sbom-action@a5afbb185c4d9799c758f05e496032af75ae9128 | |
| with: | |
| path: . | |
| format: cyclonedx-json | |
| upload-artifact: false | |
| output-file: docs/reports/sbom.cyclonedx.json | |
| - uses: anchore/sbom-action@a5afbb185c4d9799c758f05e496032af75ae9128 | |
| with: | |
| path: . | |
| format: spdx-json | |
| upload-artifact: false | |
| output-file: docs/reports/sbom.spdx.json | |
| # Upload artifacts so they are shared with the chainloop job | |
| - uses: actions/upload-artifact@ef09cdac3e2d3e60d8ccadda691f4f1cec5035cb | |
| with: | |
| name: reports | |
| path: docs/reports/* | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} | |
| NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} | |
| chainloop_push: | |
| name: Chainloop Push | |
| uses: chainloop-dev/labs/.github/workflows/chainloop_push.yml@f055bc60d670593b6d1646c45dd2e3e091bf6743 | |
| needs: | |
| - deploy_docs | |
| secrets: | |
| api_token: ${{ secrets.CHAINLOOP_ROBOT_ACCOUNT_DOCS_RELEASE }} | |
| signing_key: ${{ secrets.COSIGN_KEY }} | |
| signing_key_password: ${{ secrets.COSIGN_PASSWORD }} | |
| with: | |
| attestation_name: "docs" | |
| chainloop_labs_branch: f055bc60d670593b6d1646c45dd2e3e091bf6743 |