github-release-example/.github/workflows/setup-kosli.yml at main · kosli-dev/github-release-example · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
name: Setup kosli

on:
  workflow_dispatch:

env:
  # kosli commands picks up org, flow, trail and api-token from these environment variables
  KOSLI_ORG: "kosli-public"
  KOSLI_API_TOKEN: "${{ secrets.KOSLI_PUBLIC_API_TOKEN }}"
  KOSLI_CLI_VERSION: "${{ vars.KOSLI_CLI_VERSION }}"
  # KOSLI_DRY_RUN: true

jobs:
  create-flows:
    name: Create kosli flows and environments
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Setup Kosli cli
        uses: kosli-dev/setup-cli-action@v2
        with:
          version:
            ${{ vars.KOSLI_CLI_VERSION }}

      ### flows ###
      - name: Create github-release-example-backend flow
        run:
          kosli create flow github-release-example-backend
            --description "Track veracode example attestations for backend"
            --template-file kosli-flow-templates/backend-template.yml


      ### Custom attestation types ###
      - name: Create approval-github-workflow attestation type
        run:
          kosli create attestation-type approval-github-workflow
            --description "Approval from GitHub workflow"
            --schema custom-attestation-types/approval-github-workflow.json
            --jq '.state == "approved"'
            --jq '.user.login != ""'