Skip to content

fix: Fix spurious transport errors (v1.0.x) (#1642) #94

fix: Fix spurious transport errors (v1.0.x) (#1642)

fix: Fix spurious transport errors (v1.0.x) (#1642) #94

Workflow file for this run

name: Release
on:
push:
tags: ['v*.*.*']
permissions:
contents: read
jobs:
release:
env:
TAG: ${{ github.ref_name }}
permissions:
contents: write # Needed for creating and editing releases
id-token: write # Needed for cosigning build attestation files with tejolote
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Run vexctl
uses: openvex/generate-vex@31b415924ea0d72ed5f2640f1dee59dea6c2770b
with:
product: pkg:generic/karpenter@${{ env.TAG }}
file: karpenter.vex.json
- name: Create Github Release
uses: marvinpinto/action-automatic-releases@919008cf3f741b179569b7a6fb4d8860689ab7f0 # v1.2.1
with:
files: |
karpenter.vex.json
repo_token: "${{ secrets.GITHUB_TOKEN }}"
prerelease: false
- name: Install tejolote
uses: kubernetes-sigs/release-actions/setup-tejolote@2f8b9ec22aedc9ce15039b6c7716aa6c2907df1c # v0.2.0
- name: Run tejolote
run: |
tejolote attest "github://kubernetes-sigs/karpenter/${{ github.run_id }}" --artifacts "github://kubernetes-sigs/karpenter/$TAG" --output karpenter.intoto.json --sign
- name: Add the tejolote provenance attestation to release
env:
GH_TOKEN: ${{ github.token }}
run: |
gh release upload "$TAG" karpenter.intoto.json