Skip to content

build(deps): Bump step-security/harden-runner from 2.5.0 to 2.5.1 (#162) #2

build(deps): Bump step-security/harden-runner from 2.5.0 to 2.5.1 (#162)

build(deps): Bump step-security/harden-runner from 2.5.0 to 2.5.1 (#162) #2

Workflow file for this run

name: Release
on:
push:
branches:
- main
tags:
- v*
env:
COSIGN_EXPERIMENTAL: true
jobs:
build-image:
runs-on: ubuntu-latest
permissions:
id-token: write
packages: write
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: 1.19
check-latest: true
- name: Install ko
uses: ko-build/setup-ko@ace48d793556083a76f1e3e6068850c1f4a369aa # v0.6
- name: Install cosign
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1
- name: Log into ghcr.io
uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build images
uses: magefile/mage-action@3b833fb24c0d19eed3aa760b9eb285b4b84f420f # v2.3.0
with:
version: v1.14.0
args: buildImages