CI / CD · Reggie

CI / CD

Publish from GitHub Actions, GitLab CI, or any other runner.

GitHub Actions

name: Publish to Reggie

on:
  push:
    tags: ["v*"]

jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install Reggie
        run: curl -fsSL https://reggie.ml/install.sh | sh

      - name: Publish
        env:
          REGGIE_IDENTITY_KEY: ${{ secrets.REGGIE_IDENTITY_KEY }}
        run: |
          reggie login --did did:oas:l1fe:hmr:jared-rice
          reggie publish .

Best practices

Use a release-only signing key. Never the same key as your local dev env.
Pin the Reggie version (brew install l1fe/tap/reggie@0.1.0) so a bad release cannot poison your CI.
Verify the install with cosign before running it in privileged contexts.