chore: Port to sigs.k8s.io/yaml #635

Workflow file for this run

.github/workflows/snapshot.yaml at 7ebc4ea

	---
	name: test-snapshot-release

	on:
	pull_request:

	permissions:
	contents: read

	jobs:
	snapshot:
	runs-on: ubuntu-latest

	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
	with:
	disable-sudo: true
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v3.5.2
	with:
	fetch-depth: 1

	- name: Set up Go
	id: go
	uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
	with:
	go-version: '1.24'
	check-latest: true

	- name: Install bom
	uses: kubernetes-sigs/release-actions/setup-bom@a30d93cf2aa029e1e4c8a6c79f766aebf429fddb # v0.3.1

	- name: Test release build
	uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # v6.3.0
	with:
	args: release --clean --snapshot --skip=sign
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: check binary
	run: \|
	./dist/krel-amd64-linux version
	./dist/publish-release-amd64-linux help
	./dist/release-notes-amd64-linux version

	- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
	with:
	name: artifacts
	path: dist/*

	attestation:
	runs-on: ubuntu-latest

	permissions:
	contents: read

	needs:
	- snapshot

	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
	with:
	disable-sudo: true
	egress-policy: audit

	- name: Check out code onto GOPATH
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	fetch-depth: 1

	- name: Install tejolote
	uses: kubernetes-sigs/release-actions/setup-tejolote@a30d93cf2aa029e1e4c8a6c79f766aebf429fddb # v0.3.1

	- run: \|
	tejolote attest github://kubernetes/release/"${GITHUB_RUN_ID}" --output release.intoto.json
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
	with:
	name: release.intoto.json
	path: ./release.intoto.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: Port to sigs.k8s.io/yaml #635

Workflow file

chore: Port to sigs.k8s.io/yaml #635

Jobs

Run details

Workflow file for this run