Skip to content

EPSS fix (#108)

EPSS fix (#108) #27

name: Release-Candidate
on:
push:
tags:
- "rc*"
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: write
env:
reportTemplate: 'report_template.html'
steps:
- name: Harden Runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
with:
egress-policy: audit
- name: Checkout repo
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: Setup Node
uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3.8.2
with:
working-directory: src/frontend-app
- name: Install dependencies
uses: bahmutov/npm-install@e5c7e14408aa6089501de32bd16123b41738047e # v1.10.2
with:
working-directory: src/frontend-app
- name: Build project
run: |
cd src/frontend-app/
npm run build
- name: Preparing report_template.html
run: |
{
head -n -4 'src/frontend-app/dist/src/assets/app-template.html'
echo ''
cat 'src/frontend-app/dist/app.js'
echo ''
echo '</script>'
echo '</body>'
echo '</html>'
} >"$reportTemplate"
cat "$reportTemplate"
- name: Compress
run: tar -zcvf scan2html.tar.gz scan2html.sh "$reportTemplate" LICENSE release-candidate/plugin.yaml
- name: Install GPG
run: sudo apt-get install -y gnupg
- name: Configure GPG
run: |
mkdir -p ~/.gnupg
chmod 700 ~/.gnupg
echo "use-agent" > ~/.gnupg/gpg.conf
echo "pinentry-mode loopback" >> ~/.gnupg/gpg.conf
- name: Import GPG key
run: |
echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --yes --import
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- name: Sign the release file
run: |
gpg --batch --yes --pinentry-mode loopback --passphrase "${{ secrets.GPG_PASSPHRASE }}" --armor --detach-sign scan2html.tar.gz
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Release
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
with:
files: |
scan2html.tar.gz
scan2html.tar.gz.asc