feat: working build and release pipeline

equals215 · Apr 13, 2024 · acc4967 · acc4967
1 parent ee5402b
commit acc4967
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 22 deletions.
diff --git a/.github/workflows/go-build-and-release.yml b/.github/workflows/go-build-and-release.yml
@@ -1,16 +1,3 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
-# This workflow lets you compile your Go project using a SLSA3 compliant builder.
-# This workflow will generate a so-called "provenance" file describing the steps
-# that were performed to generate the final binary.
-# The project is an initiative of the OpenSSF (openssf.org) and is developed at
-# https://github.com/slsa-framework/slsa-github-generator.
-# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier.
-# For more information about SLSA and how it improves the supply-chain, visit slsa.dev.
-
 name: deepSentinel SLSA3 build and release
 on:
   workflow_dispatch:
@@ -21,19 +8,22 @@ on:
 permissions: read-all
 
 jobs:
-  # ========================================================================================================================================
-  #     Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project.
-  #       See format in https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#configuration-file
-  #=========================================================================================================================================
   build:
     permissions:
       id-token: write # To sign.
       contents: write # To upload release assets.
       actions: read   # To read workflow path.
-    uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
+    strategy:
+      matrix:
+        component:
+          - server
+          - agent
+        os:
+          - linux
+        arch:
+          - amd64
+    uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
     with:
       go-version: 1.22.2
-      # =============================================================================================================
-      #     Optional: For more options, see https://github.com/slsa-framework/slsa-github-generator#golang-projects
-      # =============================================================================================================
-
+      config-file: .github/workflows/slsa3-configs/${{ matrix.component }}-${{ matrix.os }}-${{ matrix.arch }}.yml
+      prerelease: true
diff --git a/.github/workflows/slsa3-configs/agent-linux-amd64.yml b/.github/workflows/slsa3-configs/agent-linux-amd64.yml
@@ -0,0 +1,8 @@
+version: 1
+env:
+  - GO111MODULE=on
+  - CGO_ENABLED=0
+goos: linux
+goarch: amd64
+main: ./cmd/agent/
+binary: deepsentinel-agent-{{ .Os }}-{{ .Arch }}
diff --git a/.github/workflows/slsa3-configs/server-linux-amd64.yml b/.github/workflows/slsa3-configs/server-linux-amd64.yml
@@ -0,0 +1,8 @@
+version: 1
+env:
+  - GO111MODULE=on
+  - CGO_ENABLED=0
+goos: linux
+goarch: amd64
+main: ./cmd/server/
+binary: deepsentinel-server-{{ .Os }}-{{ .Arch }}