Bump actions/checkout from 3.5.3 to 4.1.7 (#60) #8

	name: Release

	on:
	push:
	tags:
	- 'release/*'

	env:
	DOCKER_REGISTRY: ghcr.io/linkerd

	jobs:
	tag:
	timeout-minutes: 3
	runs-on: ubuntu-latest
	steps:
	- id: meta
	shell: bash
	run: \|
	shopt -s extglob
	ref="${{ github.ref }}"
	ver="${ref##refs/tags/release/}"
	if [[ "$ver" != v+([0-9]).+([0-9]).+([0-9])?(-+([a-z0-9-])) ]]; then
	echo "Invalid version: $ver" >&2
	exit 1
	fi
	echo tag="$ver" >> "$GITHUB_OUTPUT"
	outputs:
	tag: ${{ steps.meta.outputs.tag }}

	docker-build:
	needs: [tag]
	runs-on: ubuntu-20.04
	permissions:
	packages: write
	id-token: write # needed for signing the images with GitHub OIDC Token
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
	- name: Set tag
	run: echo 'TAG=${{ needs.tag.outputs.tag }}' >> "$GITHUB_ENV"
	- uses: ./.github/actions/docker-build
	id: build
	with:
	docker-registry: ${{ env.DOCKER_REGISTRY }}
	docker-target: multi-arch
	docker-push: 1
	docker-ghcr-token: ${{ secrets.GITHUB_TOKEN }}
	tag: ${{ needs.tag.outputs.tag }}
	- uses: sigstore/cosign-installer@v3
	- run: cosign sign '${{ steps.build.outputs.image }}'
	env:
	COSIGN_EXPERIMENTAL: 1

	github:
	needs: [tag, docker-build]
	timeout-minutes: 5
	permissions:
	contents: write
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
	- uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0
	with:
	name: linkerd-extension-init ${{ needs.tag.outputs.tag }}

Provide feedback