Skip to content

v0.6.1

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 18 Apr 10:10
· 21 commits to main since this release
v0.6.1
a7aa67f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

Bug Fixes 🛠

  • fix: remove unnecessary trailing newlines in markdown output by @tmknom in #153

Full Changelog: v0.6.0...v0.6.1

Installation

Official binaries can be downloaded from https://github.com/tmknom/actdocs/releases .
We support popular operating systems such as Linux, Windows, and macOS, as well as CPU architectures like amd64 and arm64.

Manual Installation

Download the binary for your operating system and architecture, make it executable, and move it to a directory in your PATH.
For example, on AMD64 Linux, run the following commands:

curl -sSL -o actdocs "https://github.com/tmknom/actdocs/releases/download/0.6.1/actdocs_0.6.1_linux_amd64"
chmod +x actdocs
sudo mv actdocs /usr/local/bin/actdocs

Homebrew Installation

brew install tmknom/tap/actdocs

DEB Installation

Download the .deb package for your architecture (e.g., *_linux_amd64.deb or *_linux_arm64.deb), then install it using the dpkg command:

curl -sSL -o actdocs.deb "https://github.com/tmknom/actdocs/releases/download/0.6.1/actdocs_0.6.1_linux_amd64.deb"
dpkg -i actdocs.deb

RPM Installation

Download the .rpm package for your architecture (e.g., *_linux_amd64.rpm or *_linux_arm64.rpm), then install it using the rpm command:

curl -sSL -o actdocs.rpm "https://github.com/tmknom/actdocs/releases/download/0.6.1/actdocs_0.6.1_linux_amd64.rpm"
rpm -ivh actdocs.rpm

APK Installation

Download the .apk package for your architecture (e.g., *_linux_amd64.apk or *_linux_arm64.apk), then install it using the apk command:

curl -sSL -o actdocs.apk "https://github.com/tmknom/actdocs/releases/download/0.6.1/actdocs_0.6.1_linux_amd64.apk"
apk add --allow-untrusted actdocs.apk

Verification

All artifacts are checksummed, and signed by Cosign using identity-based ("keyless") signing and transparency.

Checksum verification

  1. Install GitHub CLI and Cosign if not already available.
  2. Download all artifacts using GitHub CLI: 
    gh release download v0.6.1
  3. Verify the signature using: 
    cosign verify-blob \
  --signature "actdocs_0.6.1_checksums.txt.sig" \
  --certificate "actdocs_0.6.1_checksums.txt.pem" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-identity "https://github.com/tmknom/release-workflows/.github/workflows/go.yml@92c6d4cead2f5f4b097425af15d7128ef2414d40" \
  --certificate-github-workflow-repository "tmknom/actdocs" \
  --certificate-github-workflow-sha "a7aa67f42b9a6349ad6cb971290c5e6149c7d43d" \
  "actdocs_0.6.1_checksums.txt"
  4. Verify the checksum of the downloaded files using: 
    sha256sum --ignore-missing -c "actdocs_0.6.1_checksums.txt"
    Ensure that the output indicates a valid match.

Cosign verification

You can verify all artifacts, such as executable binaries, Linux packages, checksum files, and SBOMs.
For example, the linux/amd64 binary:

  1. Install Cosign if not already available.
  2. Verify the signature using: 
    cosign verify-blob \
  --signature "actdocs_0.6.1_linux_amd64.sig" \
  --certificate "actdocs_0.6.1_linux_amd64.pem" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-identity "https://github.com/tmknom/release-workflows/.github/workflows/go.yml@92c6d4cead2f5f4b097425af15d7128ef2414d40" \
  --certificate-github-workflow-repository "tmknom/actdocs" \
  --certificate-github-workflow-sha "a7aa67f42b9a6349ad6cb971290c5e6149c7d43d" \
  "actdocs_0.6.1_linux_amd64"

GitHub Artifact Attestations verification

You can verify all artifacts, such as executable binaries, Linux packages, checksum files, and SBOMs.
For example, the linux/amd64 binary:

  1. Install GitHub CLI if not already available.
  2. Verify the attestation: 
    gh attestation verify "actdocs_0.6.1_linux_amd64" \
  --deny-self-hosted-runners \
  --repo "tmknom/actdocs" \
  --cert-oidc-issuer "https://token.actions.githubusercontent.com" \
  --cert-identity "https://github.com/tmknom/release-workflows/.github/workflows/go.yml@92c6d4cead2f5f4b097425af15d7128ef2414d40"

Container Images

Pull image tag

docker pull ghcr.io/tmknom/actdocs:v0.6.1

Pull image digest

docker pull ghcr.io/tmknom/actdocs@sha256:987fc57319e05fb48041bcaa146fb44bab00f60e9adb3b187a31cf146241a868

Cosign verification

You can verify container images using Cosign.

  1. Install Cosign if not already available.
  2. Verify the signature using: 
    cosign verify \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-identity "https://github.com/tmknom/release-workflows/.github/workflows/go.yml@92c6d4cead2f5f4b097425af15d7128ef2414d40" \
  --certificate-github-workflow-repository "tmknom/actdocs" \
  --certificate-github-workflow-sha "a7aa67f42b9a6349ad6cb971290c5e6149c7d43d" \
  ghcr.io/tmknom/actdocs@sha256:987fc57319e05fb48041bcaa146fb44bab00f60e9adb3b187a31cf146241a868

GitHub Artifact Attestations verification

You can verify container images using GitHub Artifact Attestations.

  1. Install GitHub CLI if not already available.
  2. Verify the attestation: 
    gh attestation verify oci://ghcr.io/tmknom/actdocs@sha256:987fc57319e05fb48041bcaa146fb44bab00f60e9adb3b187a31cf146241a868 \
  --deny-self-hosted-runners \
  --repo "tmknom/actdocs" \
  --cert-oidc-issuer "https://token.actions.githubusercontent.com" \
  --cert-identity "https://github.com/tmknom/release-workflows/.github/workflows/go.yml@92c6d4cead2f5f4b097425af15d7128ef2414d40"

Contributors

tmknom
Assets 77
Loading