This Action downloads
crane
and adds it to your PATH
, with optional signature verification if you use the
SLSA Verifier.
For a quick start guide on the usage of crane
, refer to
its documentation.
For available crane
releases, refer to
its releases.
This action supports Linux, macOS and Windows runners (results may vary with self-hosted runners).
- name: Install crane
uses: iarekylew00t/crane-installer@v3
Note
slsa-verifier
must be in your PATH
for signature verification or it will
be skipped - See
Automatic verification with SLSA Verifier.
If crane
is loaded from cache it will not be re-verified.
Name | Type | Description | Default |
---|---|---|---|
crane-release |
String | crane release version to be installed |
latest |
verify |
Boolean | Perform signature verification on crane |
true |
cache |
Boolean | Whether to utilize cache with crane |
true |
token |
String | GitHub token for REST API access | ${{ github.token }} |
Name | Type | Description |
---|---|---|
version |
String | The version of crane the was installed |
cache-hit |
Boolean | If crane was installed via cache |
- name: Install crane
uses: iarekylew00t/crane-installer@v3
with:
crane-release: v0.20.2
- name: Install crane
uses: iarekylew00t/crane-installer@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Install crane
uses: iarekylew00t/crane-installer@v3
- name: Login to DockerHub
run: |
echo "${{ secrets.DOCKERHUB_TOKEN }}" | \
crane auth login docker.io \
--user "${{ vars.DOCKERHUB_USERNAME }}" \
--pass-stdin
- name: Login to GHCR
run: |
echo "${{ github.token }}" | \
crane auth login ghcr.io \
--user "${{ github.actor }}" \
--pass-stdin
- name: Install SLSA verifier
uses: slsa-framework/slsa-verifier/actions/installer@v2.6.0
- name: Install crane
uses: iarekylew00t/crane-installer@v3
Caution
Since this is a TypeScript action you must transpile it into native
JavaScript. This is done for you automatically as part of the npm run all
command and will be validated via the
check-dist.yml
Workflow in any PR.
-
βοΈ Install the version of Node.js as defined in the
.node-version
.
You can use asdf to help manage your project runtimes.asdf plugin add nodejs https://github.com/asdf-vm/asdf-nodejs.git asdf install
-
π οΈ Install dependencies
npm install
-
ποΈ Format, lint, test, and package your code changes.
npm run all
For maintainers, the following release process should be used when cutting new versions.
-
β¬ Ensure all changes are in the
main
branch and all necessary Workflows are passing.git checkout main git pull
-
β Ensure the
package.json
andpackage-lock.json
files are updated to with the new version being cut.npm update
-
π Create a new Tag, push it up, then create a new Release for the version.
git tag v1.2.3 git push -u origin v1.2.3
Alternatively you can create the Tag on the GitHub Release page itself.
When the tag is pushed it will kick off the Shared Tags Workflows to update the
v$MAJOR
andv$MAJOR.MINOR
tags.
Feel free to contribute and make things better by opening an
Issue or
Pull Request.
Thank you for your contribution! β€οΈ
See LICENSE.