diff --git a/.github/workflows/release-process.yml b/.github/workflows/release-process.yml index 9e3d7d520..3a427beea 100644 --- a/.github/workflows/release-process.yml +++ b/.github/workflows/release-process.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v3.5.2 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -20,13 +20,13 @@ jobs: run: ./hack/install-deps.sh - name: Install imgpkg - uses: carvel-dev/setup-action@v1 + uses: carvel-dev/setup-action@v2 with: only: imgpkg token: ${{ secrets.GITHUB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3.1.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -37,11 +37,14 @@ jobs: with: go-version: 1.21.5 + - name: Set up Cosign + uses: sigstore/cosign-installer@v3.4.0 + - name: Run release script run: | set -e -x minikube start --driver=docker --wait=all - docker buildx create minikube --use --driver=kubernetes --bootstrap + docker buildx create --name minikube --use --driver=kubernetes --bootstrap ./hack/build-release.sh # Create release folder to store all the output artifacts mkdir release @@ -68,7 +71,7 @@ jobs: echo '```' | tee -a ./tmp/checksums-formatted.txt - name: Create release draft and upload release yaml - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 + uses: softprops/action-gh-release@v2.0.2 with: name: ${{ github.ref_name }} token: ${{ secrets.GITHUB_TOKEN }} @@ -80,7 +83,7 @@ jobs: prerelease: true - name: Get uploaded release YAML checksum - uses: actions/github-script@v6 + uses: actions/github-script@v7.0.1 id: get-checksums-from-draft-release if: startsWith(github.ref, 'refs/tags/') with: