Skip to content

chore(deps): update namespacelabs/nscloud-checkout-action action to v3 - autoclosed #20

chore(deps): update namespacelabs/nscloud-checkout-action action to v3 - autoclosed

chore(deps): update namespacelabs/nscloud-checkout-action action to v3 - autoclosed #20

Workflow file for this run

name: Branch
on:
pull_request:
branches:
- main
push:
branches:
- main
tags:
- "v*"
env:
FOUNDRY_PROFILE: ci
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
actions: write
checks: write
contents: write
deployments: write
id-token: write
issues: write
discussions: write
packages: write
pages: write
pull-requests: write
repository-projects: write
security-events: write
statuses: write
jobs:
check:
strategy:
fail-fast: true
name: Foundry project
runs-on: namespace-profile-foundry
steps:
- name: Checkout
uses: namespacelabs/nscloud-checkout-action@v3
with:
submodules: recursive
- name: Setup caches
uses: namespacelabs/nscloud-cache-action@v1
with:
path: |
cache
out
~/.foundry
- name: Install Cosign
uses: sigstore/cosign-installer@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASS }}
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly
- name: Run Forge build
run: |
forge --version
forge build --sizes
id: build
- name: Run Forge tests
run: |
forge test -vvv
id: test
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
ghcr.io/settlemint/solidity-token-soulbound
# generate Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Build and push
uses: docker/build-push-action@v5
id: build-and-push
with:
load: false
provenance: true
sbom: true
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
no-cache: true
- name: Sign the images with GitHub OIDC Token
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
TAGS: ${{ steps.docker_meta.outputs.tags }}
run: |
images=""
for tag in ${TAGS}; do
images+="${tag}@${DIGEST} "
done
cosign sign --yes ${images}