Skip to content

build(deps): bump actions/attest-build-provenance from 1 to 2 #216

build(deps): bump actions/attest-build-provenance from 1 to 2

build(deps): bump actions/attest-build-provenance from 1 to 2 #216

Workflow file for this run

name: Go
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
jobs:
build:
runs-on: ubuntu-latest
container:
image: ghcr.io/vanilla-os/pico:main
permissions:
contents: write # to upload assets to releases
attestations: write # to upload assets attestation for build provenance
id-token: write # grant additional permission to attestation action to mint the OIDC token permission
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: 1.22
- name: Install build dependencies
run: |
apt-get update
apt-get install -y pkg-config build-essential
- name: Build
run: go build -o vso -ldflags="-X 'main.Version=${{ github.sha }}'"
- name: Check for missing strings
uses: vanilla-os/missing-strings-golang-action@v0.1.0
- name: Compress
run: tar -czvf vso.tar.gz vso
- name: Compress-manpage
run: tar -czvf vso-man.tar.gz man/vso.1
- name: Calculate and Save Checksums
run: |
sha256sum vso.tar.gz >> checksums.txt
sha256sum vso-man.tar.gz >> checksums.txt
- uses: actions/upload-artifact@v4
with:
name: vso
path: |
checksums.txt
vso.tar.gz
vso-man.tar.gz
- uses: softprops/action-gh-release@v2
if: github.ref == 'refs/heads/main'
with:
token: "${{ secrets.GITHUB_TOKEN }}"
tag_name: "continuous"
prerelease: true
name: "Continuous Build"
files: |
checksums.txt
vso.tar.gz
vso-man.tar.gz