Skip to content

README.md

Latest commit

 

History

History
116 lines (80 loc) · 4.18 KB

README.md

File metadata and controls

116 lines (80 loc) · 4.18 KB

install-github-release-binary

Build Status

install-github-release-binary is an opinionated GitHub Action for adding a binary from a GitHub Release to your CI $PATH.

The primary goals are, in order of priority:

  1. control over software supply chain security (SSCS)
  2. execute quickly
  3. avoid rate limits

Supported releases

This action only supports installing from releases where the release:

  • is tagged with the full {major}.{minor}.{patch} semantic version
  • contains raw binary assets (archives not supported)

You can create compatible releases with semantic-release, using a workflow like semantic-release-action/rust.

Use

Use this action in a step:

- name: Install flux-capacitor
  uses: BitGo/install-github-release-binary@v2
  with:
    targets: BitGo/flux-capacitor@v1

Note

I recommend adding an explicit step name, otherwise the step will only reference BitGo/install-github-release-binary@v2, not your targets.

Install multiple binaries:

- name: Install future tools
  uses: BitGo/install-github-release-binary@v2
  with:
    targets: |
      BitGo/flux-capacitor@v1
      BitGo/steam-locomotive@v7.5.3
      BitGo/hoverboard@11.7.3:sha256-8a4600be96d2ec013209042458ce97a9652fcc46c1c855d0217aa42e330fc06e

Install a binary from a release with multiple binaries available:

- name: Install flux-capacitor
  uses: BitGo/install-github-release-binary@v2
  with:
    targets: |
      BitGo/future-tools/flux-capacitor@v1

Install a specific binary with checksum validation:

- name: Install argocd CLI
  uses: BitGo/install-github-release-binary@v2
  with:
    targets: |
      argoproj/argo-cd/argocd-linux-amd64@v3.1.4:sha256-7def0aa3cc9ebcd6acdddc27244e7ea4de448d872a9ab0cf6cab4b1e653841a6

Inputs

Input Parameter Required Description
targets true Whitespace separated list of target GitHub Releases in format {owner}/{repository}@{version}. Details
token false GitHub token for REST requests. Defaults to ${{ github.token }}. Details

targets

Specify a whitespace-separated list of targets.

Each target is specified by repo slug and a semantic version number using the format {owner}/{repository}@v{semantic-version}. Optionally, include:

  • the particular binary to install (required when a release contains multiple binaries)
  • a sha256 checksum

Examples:

  • BitGo/flux-capacitor@v1
  • BitGo/flux-capacitor@v1.2
  • BitGo/flux-capacitor@v1.2.3
  • BitGo/flux-capacitor@v1.2.3:sha256-ad91159c656d427ad8fe5ded2946f29f3a612c6b7a4af6129e9aa85256b7299e
  • BitGo/future-tools/flux-capacitor@v1

token

A GitHub token with repo scope. Defaults to the ${{ github.token }} created automatically by GitHub Actions.

To install a binary from a private GitHub repository, use a Personal Access Token.

Versioning

This action assumes it is running on a GitHub-hosted runner, so bumping any dependency to a version preinstalled on GitHub-hosted runners is not considered a breaking change.