diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 80ececf9..15db9053 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,7 @@ name: CI on: + workflow_dispatch: push: pull_request: @@ -9,7 +10,8 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - name: Checkout Repo + uses: actions/checkout@v3 - name: Set up Go uses: actions/setup-go@v5 @@ -25,3 +27,24 @@ jobs: - name: Build run: make build + + fossa: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write # needed for the Vault authentication + + steps: + - name: Load Secrets from Vault + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/fossa/credentials token | FOSSA + + - name: Checkout Repo + uses: actions/checkout@v3 + + - name: Check FOSSA compliance + uses: fossas/fossa-action@main + with: + api-key: ${{ env.FOSSA }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..ab108412 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,31 @@ +name: Release + +on: + workflow_dispatch: + push: + tags: + - v* + +jobs: + release: + permissions: + contents: read + id-token: write # needed for the Vault authentication + runs-on: ubuntu-latest + + steps: + - name: Load Secrets from Vault + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME ; + secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD ; + + - name: Checkout Repo + uses: actions/checkout@v3 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ env.DOCKER_USERNAME }} + password: ${{ env.DOCKER_PASSWORD }}