chore(deps): bump github.com/buildkite/agent/v3 from 3.62.0 to 3.70.0 #7045
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Copyright 2021 The Sigstore Authors. | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| name: CI-Validate-Release-Job | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - release-* | |
| pull_request: | |
| jobs: | |
| check-signature: | |
| runs-on: ubuntu-latest | |
| container: | |
| image: gcr.io/projectsigstore/cosign:v2.2.4-dev@sha256:13efd4c62710d75f07d12d8aad36a8657eeffd4f5f3a40bcbc207d8aafa67d41 | |
| steps: | |
| - name: Check Signature | |
| run: | | |
| cosign verify ghcr.io/gythialy/golang-cross:v1.21.9-0@sha256:3ea5f8dc2ea7508df43516966c9d498e830b1f0739a58de81ca7e28211822de6 \ | |
| --certificate-oidc-issuer https://token.actions.githubusercontent.com \ | |
| --certificate-identity "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.21.9-0" | |
| env: | |
| TUF_ROOT: /tmp | |
| validate-release-job: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - check-signature | |
| container: | |
| image: ghcr.io/gythialy/golang-cross:v1.21.9-0@sha256:3ea5f8dc2ea7508df43516966c9d498e830b1f0739a58de81ca7e28211822de6 | |
| permissions: {} | |
| steps: | |
| - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
| # Error: fatal: detected dubious ownership in repository at '/__w/cosign/cosign' | |
| # To add an exception for this directory, call: | |
| # git config --system --add safe.directory /__w/cosign/cosign | |
| # Reason: Recent versions of git require the .git folder to be owned | |
| # by the same user (see https://github.blog/2022-04-12-git-security-vulnerability-announced/). | |
| # Related | |
| # - https://github.com/actions/runner/issues/2033 | |
| # - https://github.com/actions/checkout/issues/1048 | |
| # - https://github.com/actions/runner-images/issues/6775 | |
| - run: git config --system --add safe.directory /__w/cosign/cosign | |
| # Related to https://github.com/sigstore/cosign/issues/3149 | |
| - name: free up disk space for the release | |
| run: | | |
| rm -rf /usr/share/dotnet/ | |
| rm -rf "$AGENT_TOOLSDIRECTORY" | |
| rm -rf "/usr/local/share/boost" | |
| rm -rf /opt/ghc | |
| docker rmi $(docker image ls -aq) || true | |
| swapoff /swapfile || true | |
| rm -rf /swapfile /usr/share/dotnet /usr/local/lib/android /opt/ghc || true | |
| apt purge aria2 ansible hhvm mono-devel azure-cli shellcheck rpm xorriso zsync \ | |
| clang-6.0 lldb-6.0 lld-6.0 clang-format-6.0 clang-8 lldb-8 lld-8 clang-format-8 \ | |
| clang-9 lldb-9 lld-9 clangd-9 clang-format-9 dotnet-sdk-3.0 dotnet-sdk-3.1=3.1.101-1 \ | |
| esl-erlang firefox g++-8 g++-9 gfortran-8 gfortran-9 google-chrome-stable \ | |
| google-cloud-sdk ghc-8.0.2 ghc-8.2.2 ghc-8.4.4 ghc-8.6.2 ghc-8.6.3 ghc-8.6.4 \ | |
| ghc-8.6.5 ghc-8.8.1 ghc-8.8.2 ghc-8.8.3 ghc-8.10.1 cabal-install-2.0 cabal-install-2.2 \ | |
| cabal-install-2.4 cabal-install-3.0 cabal-install-3.2 heroku imagemagick \ | |
| libmagickcore-dev libmagickwand-dev libmagic-dev ant ant-optional kubectl \ | |
| mercurial apt-transport-https mono-complete mysql-client libmysqlclient-dev \ | |
| mysql-server mssql-tools unixodbc-dev yarn bazel chrpath libssl-dev libxft-dev \ | |
| libfreetype6 libfreetype6-dev libfontconfig1 libfontconfig1-dev php7.1 php7.1-bcmath \ | |
| php7.1-bz2 php7.1-cgi php7.1-cli php7.1-common php7.1-curl php7.1-dba php7.1-dev \ | |
| php7.1-enchant php7.1-fpm php7.1-gd php7.1-gmp php7.1-imap php7.1-interbase php7.1-intl \ | |
| php7.1-json php7.1-ldap php7.1-mbstring php7.1-mcrypt php7.1-mysql php7.1-odbc \ | |
| php7.1-opcache php7.1-pgsql php7.1-phpdbg php7.1-pspell php7.1-readline php7.1-recode \ | |
| php7.1-snmp php7.1-soap php7.1-sqlite3 php7.1-sybase php7.1-tidy php7.1-xml \ | |
| php7.1-xmlrpc php7.1-xsl php7.1-zip php7.2 php7.2-bcmath php7.2-bz2 php7.2-cgi \ | |
| php7.2-cli php7.2-common php7.2-curl php7.2-dba php7.2-dev php7.2-enchant php7.2-fpm \ | |
| php7.2-gd php7.2-gmp php7.2-imap php7.2-interbase php7.2-intl php7.2-json php7.2-ldap \ | |
| php7.2-mbstring php7.2-mysql php7.2-odbc php7.2-opcache php7.2-pgsql php7.2-phpdbg \ | |
| php7.2-pspell php7.2-readline php7.2-recode php7.2-snmp php7.2-soap php7.2-sqlite3 \ | |
| php7.2-sybase php7.2-tidy php7.2-xml php7.2-xmlrpc php7.2-xsl php7.2-zip php7.3 \ | |
| php7.3-bcmath php7.3-bz2 php7.3-cgi php7.3-cli php7.3-common php7.3-curl php7.3-dba \ | |
| php7.3-dev php7.3-enchant php7.3-fpm php7.3-gd php7.3-gmp php7.3-imap php7.3-interbase \ | |
| php7.3-intl php7.3-json php7.3-ldap php7.3-mbstring php7.3-mysql php7.3-odbc \ | |
| php7.3-opcache php7.3-pgsql php7.3-phpdbg php7.3-pspell php7.3-readline php7.3-recode \ | |
| php7.3-snmp php7.3-soap php7.3-sqlite3 php7.3-sybase php7.3-tidy php7.3-xml \ | |
| php7.3-xmlrpc php7.3-xsl php7.3-zip php7.4 php7.4-bcmath php7.4-bz2 php7.4-cgi \ | |
| php7.4-cli php7.4-common php7.4-curl php7.4-dba php7.4-dev php7.4-enchant php7.4-fpm \ | |
| php7.4-gd php7.4-gmp php7.4-imap php7.4-interbase php7.4-intl php7.4-json php7.4-ldap \ | |
| php7.4-mbstring php7.4-mysql php7.4-odbc php7.4-opcache php7.4-pgsql php7.4-phpdbg \ | |
| php7.4-pspell php7.4-readline php7.4-snmp php7.4-soap php7.4-sqlite3 php7.4-sybase \ | |
| php7.4-tidy php7.4-xml php7.4-xmlrpc php7.4-xsl php7.4-zip php-amqp php-apcu \ | |
| php-igbinary php-memcache php-memcached php-mongodb php-redis php-xdebug \ | |
| php-zmq snmp pollinate libpq-dev postgresql-client powershell ruby-full \ | |
| sphinxsearch subversion mongodb-org -yq >/dev/null 2>&1 || true | |
| apt-get remove -y 'php.*' || true | |
| apt-get autoremove -y >/dev/null 2>&1 || true | |
| apt-get autoclean -y >/dev/null 2>&1 || true | |
| - name: check disk space | |
| run: df -h | |
| - name: goreleaser snapshot | |
| run: make snapshot | |
| env: | |
| PROJECT_ID: honk-fake-project | |
| RUNTIME_IMAGE: gcr.io/distroless/static-debian12:nonroot | |
| - name: check binaries | |
| run: | | |
| ./dist/cosign-linux-amd64 version |