mirror of https://github.com/CrimsonTome/tldr.git
54 lines
1.7 KiB
YAML
54 lines
1.7 KiB
YAML
name: Copy assets to the new release
|
|
|
|
on:
|
|
release:
|
|
types: published
|
|
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
jobs:
|
|
release:
|
|
name: Copy release assets
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: write # to upload assets to releases
|
|
attestations: write # to upload assets attestation for build provenance
|
|
id-token: write # grant additional permission to attestation action to mint the OIDC token permission
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Set tag names
|
|
run: |
|
|
echo "LATEST=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV
|
|
echo "PREVIOUS=$(git describe --tags --abbrev=0 $(git describe --tags --abbrev=0)^)" >> $GITHUB_ENV
|
|
|
|
- name: Download assets
|
|
run: |
|
|
mkdir release-assets && cd release-assets
|
|
gh release download "$PREVIOUS"
|
|
|
|
- name: Construct subject-path for attest
|
|
if: github.repository == 'tldr-pages/tldr'
|
|
id: construct-subject-path
|
|
run: |
|
|
zip_files=$(find release-assets -name '*.zip' -printf '%p,')
|
|
pdf_files=$(find release-assets -name '*.pdf' -printf '%p,')
|
|
subject_path="${zip_files::-1},${pdf_files::-1},release-assets/tldr.sha256sums"
|
|
echo "subject_path=$subject_path" >> $GITHUB_ENV
|
|
|
|
- name: Attest copied assets
|
|
if: github.repository == 'tldr-pages/tldr'
|
|
id: attest
|
|
uses: actions/attest-build-provenance@v1
|
|
with:
|
|
subject-path: ${{ env.subject_path }}
|
|
|
|
- name: Upload assets
|
|
if: github.repository == 'tldr-pages/tldr'
|
|
working-directory: release-assets
|
|
run: gh release upload "$LATEST" -- *
|