-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yml
54 lines (52 loc) · 1.73 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
---
# yamllint disable rule:line-length
name: "Sign Gluon Manifest"
description: "Sign Gluon Manifest using the build-gluon container"
inputs:
gluon-path:
description: 'Path to an initialized Gluon repository'
required: true
container-version:
description: 'Container version to use'
default: 'master'
manifest:
description: 'Location of the manifest file to sign'
required: true
signing-key:
description: 'ECDSA key to sign manifest with'
required: true
write-signature:
description: 'Write signature to manifest file'
default: true
outputs:
signature:
description: 'Signature output'
value: ${{ steps.signature-output.outputs.signature }}
runs:
using: 'composite'
steps:
- run: docker build --build-arg CONTAINER --build-arg VERSION -t sdk $GITHUB_ACTION_PATH
env:
VERSION: ${{ inputs.container-version }}
shell: bash
- run: mkdir -p ${RUNNER_TEMP}/workdir
shell: bash
- run: echo "${{ inputs.signing-key }}" > "${RUNNER_TEMP}/workdir/signing.key"
shell: bash
- run: cp "${{ inputs.manifest }}" "${RUNNER_TEMP}/workdir/signing.manifest"
shell: bash
- run: |
docker run --rm \
--user "$(id -u):$(id -g)" \
--volume "${GITHUB_WORKSPACE}/${ACTION_GLUON_PATH}:/gluon/gluon-repo" \
--volume "${RUNNER_TEMP}/workdir:/gluon/workdir" \
sdk
env:
ACTION_GLUON_PATH: ${{ inputs.gluon-path }}
shell: bash
- run: cp "${RUNNER_TEMP}/workdir/signing.manifest" "${{ inputs.manifest }}"
shell: bash
if: inputs.write-signature == 'true'
- run: echo "signature=$(tail -n1 "${RUNNER_TEMP}/workdir/signing.manifest")" > $GITHUB_OUTPUT
id: signature-output
shell: bash