chore(deps): update sigstore support dependencies #125
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test | |
on: | |
pull_request: | |
branches: [main] | |
types: [milestoned, opened, synchronize] | |
paths-ignore: | |
- "**.md" | |
- "**.jpg" | |
- "**.png" | |
- "**.gif" | |
- "**.svg" | |
- "adr/**" | |
- "docs/**" | |
- ".gitignore" | |
- "renovate.json" | |
- ".release-please-config.json" | |
- "release-please-config.json" | |
- "oscal-component.yaml" | |
- "CODEOWNERS" | |
- "LICENSE" | |
- "CONTRIBUTING.md" | |
- "SECURITY.md" | |
# Abort prior jobs in the same workflow / PR | |
concurrency: | |
group: test-${{ github.ref }}-${{ inputs.package }} | |
cancel-in-progress: true | |
permissions: | |
contents: read | |
jobs: | |
test: | |
name: ${{ matrix.type }} ${{ matrix.flavor }} | |
runs-on: ubuntu-latest | |
timeout-minutes: 25 | |
strategy: | |
matrix: | |
flavor: [upstream] | |
type: [install] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 | |
- name: Install Step CLI | |
run: | | |
wget https://github.com/smallstep/cli/releases/download/v0.27.2/step-cli_amd64.deb | |
sudo dpkg -i step-cli_amd64.deb | |
- name: Environment setup | |
uses: defenseunicorns/uds-common/.github/actions/setup@24c8a2a48eeb33773b76b3587c489cb17496c9e0 # v0.12.0 | |
with: | |
registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} | |
registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} | |
ghToken: ${{ secrets.GITHUB_TOKEN }} | |
# TODO: This is not needed once https://github.com/sigstore/helm-charts/pull/790 is merged | |
- name: Sigstore Helm Shim | |
run: | | |
uds zarf tools helm repo add sigstore https://sigstore.github.io/helm-charts | |
curl https://raw.githubusercontent.com/sigstore/helm-charts/main/security/pubkey.gpg | gpg --import --batch | |
gpg --export >~/.gnupg/pubring.gpg | |
- name: Test | |
uses: defenseunicorns/uds-common/.github/actions/test@24c8a2a48eeb33773b76b3587c489cb17496c9e0 # v0.12.0 | |
with: | |
flavor: ${{ matrix.flavor }} | |
type: ${{ matrix.type }} | |
- name: Debug Output | |
if: ${{ always() }} | |
uses: defenseunicorns/uds-common/.github/actions/debug-output@24c8a2a48eeb33773b76b3587c489cb17496c9e0 # v0.12.0 | |
- name: Save logs | |
if: always() | |
uses: defenseunicorns/uds-common/.github/actions/save-logs@24c8a2a48eeb33773b76b3587c489cb17496c9e0 # v0.12.0 | |
with: | |
suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} |