Skip to content

Sign container image with Sigstore cosign #68

Sign container image with Sigstore cosign

Sign container image with Sigstore cosign #68

Workflow file for this run

name: ci
on:
pull_request:
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Fetch all tags
run: git fetch --force --tags
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: Run Go Vet
run: go vet ./...
- name: Run Go Tests
run: go test ./... -cover -race
- name: Build binary
uses: goreleaser/goreleaser-action@v6
with:
distribution: goreleaser
version: '~> v2'
args: build --snapshot
- name: Install license check tool
run: go install github.com/google/addlicense@v1
- name: Check licenses
run: addlicense -l apache -check -v -ignore '**/*.yaml' -c Humanitec ./cmd ./internal/
- name: Build docker image
uses: docker/build-push-action@v6
with:
context: .
push: false
load: true
tags: score-k8s:test
- name: Test docker image
run: |
docker run --rm score-k8s:test --version
docker run -v .:/score-k8s --rm score-k8s:test init
cat score.yaml