GitHub workflow

.github/workflows/ci.yml

@@ -0,0 +1,43 @@
+
+on:
+  push:
+    paths-ignore:
+      - '.vscode/**'
+      - '**.toml'
+      - '**.md'
+  pull_request:
+    paths-ignore:
+      - '.vscode/**'
+      - '**.toml'
+      - '**.md'
+  workflow_dispatch:
+
+name: CI
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  push:
+    name: Push Docker image to container registry
+    runs-on: ubuntu-latest
+    if: startsWith(github.event.ref, 'refs/tags/v')
+    steps:
+      - name: Log in to the Container registry
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+      - name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/push.yml

@@ -0,0 +1,29 @@
+on: 
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'Release tag'     
+        required: true
+
+name: Manual Push
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  push:
+    name: Push Docker image to container registry
+    runs-on: ubuntu-latest
+    steps:
+      - name: Log in to the Container registry
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.inputs.tag }}

.github/workflows/sign.yml

@@ -0,0 +1,21 @@
+on: workflow_dispatch
+
+name: Generate Dilithium Signatures
+
+jobs:
+  test:
+    name: Generate Checksum
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v2
+      - name: Generate checksum
+        uses: jplomas/actions-dilithium-sign@v1
+        with:
+          patterns: |
+            *.*
+      - name: Upload signature file as artifact
+        uses: actions/upload-artifact@master
+        with:
+          name: result
+          path: signatures.txt

Dockerfile

@@ -0,0 +1,11 @@
+FROM ubuntu:latest
+RUN apt-get update && apt-get upgrade -y && apt-get install -y git golang-go
+
+RUN git clone https://github.com/theQRL/qrlft.git
+WORKDIR /qrlft
+RUN go mod download
+RUN go build
+COPY . .
+
+ENTRYPOINT ["/qrlft/entrypoint.sh"]
+

action.yml

@@ -0,0 +1,23 @@
+name: 'Generate Dilithium Signatures'
+description: Generates a signatures file from a list of glob patterns
+inputs:
+  hexseed:
+    description: Hexseed to use
+    required: true
+  output:
+    description: Output file path
+    required: false
+    default: signatures.txt
+  patterns:
+    description: List of glob patterns to use for matching files
+    required: true
+runs:
+  using: docker
+  image: docker://ghcr.io/jplomas/actions-dilithium-sign:v1.0.0
+  args:
+    - ${{ inputs.hexseed }}
+    - ${{ inputs.output }}
+    - ${{ inputs.patterns }}
+branding:
+  icon: align-center
+  color: green

entrypoint.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -e
+set -o pipefail
+
+/qrlft/qrlft sign --hs $1 $3 > $2