goreleaser/.github/workflows/release.yml

name: release

on:
  push:
    branches:
      - 'main'
    tags:
      - 'v*'

permissions:
  contents: write
  id-token: write
  packages: write

jobs:
  goreleaser-check-pkgs:
    runs-on: ubuntu-latest
    env:
      DOCKER_CLI_EXPERIMENTAL: "enabled"
    needs:
      - goreleaser
    if: github.ref == 'refs/heads/main'
    strategy:
      matrix:
        format: [ deb, rpm, apk ]
    steps:
      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3
        with:
          fetch-depth: 0
      - uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1
        with:
          version: 3.x
          repo-token: ${{ secrets.GITHUB_TOKEN }}
      - uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1
      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # v3
        with:
          path: |
            ./dist/*.deb
            ./dist/*.rpm
            ./dist/*.apk
          key: ${{ github.ref }}
      - run: task goreleaser:test:${{ matrix.format }}
  goreleaser:
    runs-on: ubuntu-latest
    env:
      DOCKER_CLI_EXPERIMENTAL: "enabled"
    steps:
      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3
        with:
          fetch-depth: 0
      - uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1
        with:
          version: 3.x
          repo-token: ${{ secrets.GITHUB_TOKEN }}
      - uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1
      - uses: docker/setup-buildx-action@dc7b9719a96d48369863986a06765841d7ea23f6 # v1
      - name: setup-snapcraft
        # FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715
        run: |
          sudo apt-get update
          sudo apt-get -yq --no-install-suggests --no-install-recommends install snapcraft
          mkdir -p $HOME/.cache/snapcraft/download
          mkdir -p $HOME/.cache/snapcraft/stage-packages
      - uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # v3
        with:
          go-version: '>=1.19.1'
          cache: true
      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # v3
        with:
          path: |
            ./dist/*.deb
            ./dist/*.rpm
            ./dist/*.apk
          key: ${{ github.ref }}
      - uses: sigstore/cosign-installer@v2.7.0
      - uses: anchore/sbom-action/download-syft@v0.12.0
      - name: dockerhub-login
        if: startsWith(github.ref, 'refs/tags/v')
        uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: ghcr-login
        if: startsWith(github.ref, 'refs/tags/v')
        uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: snapcraft-login
        if: startsWith(github.ref, 'refs/tags/v')
        run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}")
      - name: goreleaser-release
        env:
          GITHUB_TOKEN: ${{ secrets.GH_PAT }}
          TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }}
          TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }}
          TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }}
          TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }}
          COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
          FURY_TOKEN: ${{ secrets.FURY_TOKEN }}
          DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }}
          DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }}
          AUR_KEY: ${{ secrets.AUR_KEY }}
        run: task goreleaser
chore: splitting workflows (#3386) split build & release workflows Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> 2022-09-18 21:31:33 -03:00			`name: release`

			`on:`
			`push:`
			`branches:`
			`- 'main'`
			`tags:`
			`- 'v*'`

			`permissions:`
			`contents: write`
			`id-token: write`
			`packages: write`

			`jobs:`
			`goreleaser-check-pkgs:`
			`runs-on: ubuntu-latest`
			`env:`
			`DOCKER_CLI_EXPERIMENTAL: "enabled"`
			`needs:`
			`- goreleaser`
			`if: github.ref == 'refs/heads/main'`
			`strategy:`
			`matrix:`
			`format: [ deb, rpm, apk ]`
			`steps:`
			`- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3`
			`with:`
			`fetch-depth: 0`
			`- uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1`
			`with:`
			`version: 3.x`
			`repo-token: ${{ secrets.GITHUB_TOKEN }}`
			`- uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1`
			`- uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # v3`
			`with:`
			`path: \|`
			`./dist/*.deb`
			`./dist/*.rpm`
			`./dist/*.apk`
			`key: ${{ github.ref }}`
			`- run: task goreleaser:test:${{ matrix.format }}`
			`goreleaser:`
			`runs-on: ubuntu-latest`
			`env:`
			`DOCKER_CLI_EXPERIMENTAL: "enabled"`
			`steps:`
			`- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3`
			`with:`
			`fetch-depth: 0`
			`- uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1`
			`with:`
			`version: 3.x`
			`repo-token: ${{ secrets.GITHUB_TOKEN }}`
			`- uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1`
			`- uses: docker/setup-buildx-action@dc7b9719a96d48369863986a06765841d7ea23f6 # v1`
			`- name: setup-snapcraft`
			`# FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715`
			`run: \|`
			`sudo apt-get update`
			`sudo apt-get -yq --no-install-suggests --no-install-recommends install snapcraft`
			`mkdir -p $HOME/.cache/snapcraft/download`
			`mkdir -p $HOME/.cache/snapcraft/stage-packages`
			`- uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # v3`
			`with:`
chore: minor workflows improvements 2022-09-22 16:00:05 -03:00			`go-version: '>=1.19.1'`
chore: splitting workflows (#3386) split build & release workflows Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> 2022-09-18 21:31:33 -03:00			`cache: true`
			`- uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # v3`
			`with:`
			`path: \|`
			`./dist/*.deb`
			`./dist/*.rpm`
			`./dist/*.apk`
			`key: ${{ github.ref }}`
chore(deps): bump sigstore/cosign-installer from 2.6.0 to 2.7.0 (#3404) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.6.0 to 2.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v2.7.0</h2> <h2>What's Changed</h2> <ul> <li>bump cosign to v1.12.1 by <a href="https://github.com/cpanato"><code>@cpanato</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/94">sigstore/cosign-installer#94</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v2...v2.7.0">https://github.com/sigstore/cosign-installer/compare/v2...v2.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/ced07f21fb1da67979f539bbc6304c16c0677e76"><code>ced07f2</code></a> bump cosign to v1.12.1 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/94">#94</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/v2.6.0...v2.7.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=2.6.0&new-version=2.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2022-09-26 10:24:30 -03:00			`- uses: sigstore/cosign-installer@v2.7.0`
chore: splitting workflows (#3386) split build & release workflows Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> 2022-09-18 21:31:33 -03:00			`- uses: anchore/sbom-action/download-syft@v0.12.0`
			`- name: dockerhub-login`
			`if: startsWith(github.ref, 'refs/tags/v')`
			`uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1`
			`with:`
			`username: ${{ secrets.DOCKER_USERNAME }}`
			`password: ${{ secrets.DOCKER_PASSWORD }}`
			`- name: ghcr-login`
			`if: startsWith(github.ref, 'refs/tags/v')`
			`uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1`
			`with:`
			`registry: ghcr.io`
			`username: ${{ github.repository_owner }}`
			`password: ${{ secrets.GITHUB_TOKEN }}`
			`- name: snapcraft-login`
chore: do not login on snapcraft on snapshots 2022-09-27 21:20:57 -03:00			`if: startsWith(github.ref, 'refs/tags/v')`
chore: splitting workflows (#3386) split build & release workflows Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> 2022-09-18 21:31:33 -03:00			`run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}")`
			`- name: goreleaser-release`
			`env:`
			`GITHUB_TOKEN: ${{ secrets.GH_PAT }}`
			`TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }}`
			`TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }}`
			`TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }}`
			`TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }}`
			`COSIGN_PWD: ${{ secrets.COSIGN_PWD }}`
			`FURY_TOKEN: ${{ secrets.FURY_TOKEN }}`
			`DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }}`
			`DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }}`
			`AUR_KEY: ${{ secrets.AUR_KEY }}`
			`run: task goreleaser`