diff --git a/ci/go-ossf-slsa3-publish.yml b/ci/go-ossf-slsa3-publish.yml new file mode 100644 index 0000000..09c98c0 --- /dev/null +++ b/ci/go-ossf-slsa3-publish.yml @@ -0,0 +1,35 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# This workflow lets you compile your Go project using a SLSA3 compliant builder. +# This workflow will generate a so-called "provenance" file describing the steps +# that were performed to generate the final binary. +# The project is an initiative of the OpenSSF (openssf.org) and is developed at +# https://github.com/slsa-framework/slsa-github-generator. +# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier. +# For more information about SLSA and how it improves the supply-chain, visit slsa.dev. + +name: SLSA Go releaser +on: + workflow_dispatch: + release: + types: [created] + +permissions: read-all + +jobs: + build: + permissions: + id-token: write # To sign. + contents: write # To upload release assets. + actions: read # To read workflow path. + # If you need more configuration options, such as ldflag examples, + # visit https://github.com/slsa-framework/slsa-github-generator#golang-projects. + uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@v1.0.0 + with: + # By default, the config file is .slsa-goreleaser.yml in the root directory. + # The format of the config file is described in + # https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#configuration-file. + go-version: 1.17 diff --git a/ci/properties/go-ossf-slsa3-publish.properties.json b/ci/properties/go-ossf-slsa3-publish.properties.json new file mode 100644 index 0000000..2d58eaf --- /dev/null +++ b/ci/properties/go-ossf-slsa3-publish.properties.json @@ -0,0 +1,7 @@ +{ + "name": "SLSA Go releaser", + "creator": "Open Source Security Foundation (OpenSSF)", + "description": "Compile your Go project using a SLSA3 compliant builder", + "iconName": "go-ossf-slsa3-publish", + "categories": ["Continuous integration", "Go"] +} diff --git a/icons/go-ossf-slsa3-publish.svg b/icons/go-ossf-slsa3-publish.svg new file mode 100644 index 0000000..ea77468 --- /dev/null +++ b/icons/go-ossf-slsa3-publish.svg @@ -0,0 +1,11 @@ + + + + + + + + + + +