Files
publish-immutable-action/action.yml
T
2024-01-29 16:25:15 +00:00

54 lines
1.8 KiB
YAML

name: 'Package and Publish'
description: 'Publish actions as OCI artifacts to GHCR'
permissions:
id-token: write
contents: write
packages: write
# TODO: Add your action's branding here. This will appear on the GitHub Marketplace.
branding:
icon: 'heart'
color: 'red'
inputs:
path:
required: false
description: The work directory or path to be tar archived and uploaded as OCI Artifact layer.
default: '.'
outputs:
package-url:
description: 'The name of package published to GHCR along with semver. For example, https://ghcr.io/actions/package-action:1.0.1'
value: ${{steps.publish.outputs.package-url}}
package-manifest:
description: 'The package manifest of the published package in JSON format'
value: ${{steps.publish.outputs.package-manifest}}
package-manifest-sha:
description: 'A sha256 hash of the package manifest'
value: ${{steps.publish.outputs.package-manifest-sha}}
runs:
using: 'composite'
steps:
- name: Publish Action Package
run: 'node ${{github.action_path}}/dist/index.js --path ${{ inputs.path }}'
shell: bash
id: publish
env:
TOKEN: ${{ github.token }}
GITHUB_REPOSITORY: ${{ github.repository }}
- name: Output variables
shell: bash
run: |
echo "package manifest": ${{steps.publish.outputs.package-manifest}}
echo "package manifest sha": ${{steps.publish.outputs.package-manifest-sha}}
echo "package url": ${{steps.publish.outputs.package-url}}
echo "subject name": ${{github.repository}}_${{github.ref}}
- name: Generate Provenance Attestation
uses: github-early-access/generate-build-provenance@main
id: build-provenance
with:
subject-name: ${{github.repository}}_${{github.ref}}
subject-digest: ${{steps.publish.outputs.package-manifest-sha}}
push-to-registry: false