diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index 365468ee..854c81fd 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -5,6 +5,12 @@ on: tags: - '*' workflow_dispatch: + inputs: + skip-publish: + description: 'Skip publishing to releases.mondoo.com?' + type: boolean + required: false + default: false env: REGISTRY: docker.io @@ -69,7 +75,7 @@ jobs: - name: Install Quill for Mac Signing and Notarization run: | - curl -sSfL https://raw.githubusercontent.com/anchore/quill/main/install.sh | sh -s -- -b /tmp v0.2.0 + curl -sSfL https://raw.githubusercontent.com/anchore/quill/main/install.sh | sh -s -- -b /tmp /tmp/quill help - name: Log in to the Container registry @@ -100,10 +106,12 @@ jobs: rpm -qpi dist/*.rpm - name: Cleanup Signing Cert + if: always() run: rm -f ${CERT_PATH} - name: Publish Release to releases.mondoo.com + if: ${{ ! inputs.skip-publish }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASR_ACTION_TOKEN }} diff --git a/.goreleaser.yml b/.goreleaser.yml index bce4496f..9b442ada 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -66,8 +66,9 @@ builds: output: true env: - TARGET={{ .Target }} - - cmd: jsign --storetype DIGICERTONE --alias "${SM_CERT_ALIAS}" --storepass "${SM_API_KEY}|${SM_CLIENT_CERT_FILE}|${SM_CLIENT_CERT_PASSWORD}" --tsaurl "http://timestamp.digicert.com" '{{ .Path }}' - + - cmd: jsign --storetype DIGICERTONE --alias "{{ .Env.SM_CERT_ALIAS }}" --storepass "{{ .Env.SM_API_KEY }}|{{ .Env.SM_CLIENT_CERT_FILE}}|{{ .Env.SM_CLIENT_CERT_PASSWORD }}" --tsaurl "http://timestamp.digicert.com" '{{ .Path }}' +nfpms: + - maintainer: Mondoo description: Cloud-Native Security and Policy Framework homepage: https://mondoo.com/