feat: add release manifests (#1728)

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

.github/workflows/release.yml

@@ -119,6 +119,9 @@ jobs:
       - name: Promote Container Image
         run: make docker.promote
 
+      - name: Build release manifests
+        run: make manifests
+
       - name: Sign promoted image
         id: sign
         uses: ./.github/actions/sign
@@ -136,5 +139,6 @@ jobs:
           files: |
             provenance.${{ env.RELEASE_TAG }}.intoto.jsonl
             sbom.${{ env.RELEASE_TAG }}.spdx.json
+            bin/deploy/manifests/external-secrets.yaml
         env:
           GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

Makefile

@@ -73,7 +73,7 @@ FAIL	= (echo ${TIME} ${RED}[FAIL]${CNone} && false)
 # ====================================================================================
 # Conformance
 
-reviewable: generate helm.generate helm.docs lint ## Ensure a PR is ready for review.
+reviewable: generate manifests helm.generate helm.docs lint ## Ensure a PR is ready for review.
 	@go mod tidy
 	@cd e2e/ && go mod tidy