feat: postgres search path, updates deps and ci pipelines (#57) #7

Workflow file for this run

.github/workflows/release.yaml at 90fb3d1

	name: release
	on:
	push:
	tags:
	- 'v*'

	permissions: {}

	jobs:
	release:
	runs-on: ubuntu-latest
	permissions:
	contents: write # needed to write releases
	id-token: write # needed for keyless signing
	packages: write # needed for ghcr access
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
	with:
	egress-policy: audit
	- name: Checkout code
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
	with:
	fetch-depth: 0
	- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
	with:
	go-version: '1.22'
	- name: Docker Login
	uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Setup Cosign
	uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
	- uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2
	- name: Create release and SBOM
	if: startsWith(github.ref, 'refs/tags/v')
	uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0
	with:
	version: latest
	args: release --clean --skip=validate
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	release-chart:
	runs-on: ubuntu-latest
	needs:
	- release
	permissions:
	packages: write # Needed to publish chart to ghcr.io
	id-token: write # Needed for keyless signing
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
	with:
	egress-policy: audit

	- name: Checkout
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
	with:
	fetch-depth: 0

	- name: Install Helm
	uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 #v3.5

	- name: Setup Cosign
	uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0

	- name: Login to Github Container Registry using helm
	run: echo ${{ secrets.GITHUB_TOKEN }} \| helm registry login ghcr.io --username ${{ github.actor }} --password-stdin

	- name: Package helm charts
	run: \|
	packVersion=$(echo "${{ github.ref_name }}" \| sed 's/^v//g')
	helm package chart/db-controller -d chart --version=$packVersion --app-version=${{ github.ref_name }}
	- name: Publish helm charts to Github Container Registry
	run: \|
	repository=$(echo "${{ github.repository_owner }}" \| tr [:upper:] [:lower:])
	helm push ${{ github.workspace }}/chart/db-controller-*.tgz oci://ghcr.io/$repository/charts \|& tee .digest
	cosign login --username ${GITHUB_ACTOR} --password ${{ secrets.GITHUB_TOKEN }} ghcr.io
	cosign sign --yes ghcr.io/$repository/charts/db-controller@$(cat .digest \| awk -F "[, ]+" '/Digest/{print $NF}')

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: postgres search path, updates deps and ci pipelines (#57) #7

Workflow file

feat: postgres search path, updates deps and ci pipelines (#57) #7

Jobs

Run details

Workflow file for this run