Skip to content

chore(deps): Bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 (#798) #474

chore(deps): Bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 (#798)

chore(deps): Bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 (#798) #474

Workflow file for this run

name: image
on:
push:
branches:
- main
- release-1.13
permissions:
id-token: write
packages: write
security-events: write
jobs:
ko:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: backend/go.mod
cache-dependency-path: backend/go.sum
- name: Login
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Install Cosign
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- name: Build assets
run: |
set -e
make build-backend-assets
- name: Publish image
id: ko-publish
run: |
set -e
echo "digest=$(VERSION=${{ github.ref_name }} make ko-publish)" >> $GITHUB_OUTPUT
- name: Sign image
run: |
set -e
cosign sign ${{ steps.ko-publish.outputs.digest }} --yes