name: release on: push: branches: - 'main' tags: - 'v*' permissions: contents: write id-token: write packages: write jobs: trigger-generate: runs-on: ubuntu-latest needs: [ goreleaser ] steps: - uses: benc-uk/workflow-dispatch@v121 if: startsWith(github.ref, 'refs/tags/v') with: repo: goreleaser/goreleaser ref: main token: ${{ secrets.GH_PAT }} workflow: generate-releases.yml notify-goreleaser-cross: runs-on: ubuntu-latest needs: [ trigger-generate ] steps: - name: get version if: startsWith(github.ref, 'refs/tags/v') run: echo "RELEASE_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV - name: notify goreleaser-cross with new release if: startsWith(github.ref, 'refs/tags/v') uses: benc-uk/workflow-dispatch@v121 with: token: ${{ secrets.GH_PAT }} repo: goreleaser/goreleaser-cross workflow: goreleaser-bump inputs: '{ "tag" : "${{ env.RELEASE_TAG }}" }' goreleaser-check-pkgs: runs-on: ubuntu-latest env: DOCKER_CLI_EXPERIMENTAL: "enabled" needs: [ goreleaser ] if: github.ref == 'refs/heads/main' strategy: matrix: format: [ deb, rpm, apk ] steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 - uses: arduino/setup-task@e26d8975574116b0097a1161e0fe16ba75d84c1c # v1 with: version: 3.x repo-token: ${{ secrets.GITHUB_TOKEN }} - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2 - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3 with: path: | ./dist/*.deb ./dist/*.rpm ./dist/*.apk key: ${{ github.ref }} - run: task goreleaser:test:${{ matrix.format }} goreleaser: runs-on: ubuntu-latest env: DOCKER_CLI_EXPERIMENTAL: "enabled" steps: - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3 with: fetch-depth: 0 - uses: arduino/setup-task@e26d8975574116b0097a1161e0fe16ba75d84c1c # v1 with: version: 3.x repo-token: ${{ secrets.GITHUB_TOKEN }} - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2 - uses: docker/setup-buildx-action@4b4e9c3e2d4531116a6f8ba8e71fc6e2cb6e6c8c # v2 - name: setup-snapcraft # FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715 run: | sudo apt-get update sudo apt-get -yq --no-install-suggests --no-install-recommends install snapcraft mkdir -p $HOME/.cache/snapcraft/download mkdir -p $HOME/.cache/snapcraft/stage-packages - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4 with: go-version: stable - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3 with: path: | ./dist/*.deb ./dist/*.rpm ./dist/*.apk key: ${{ github.ref }} - uses: sigstore/cosign-installer@v3.0.3 - uses: anchore/sbom-action/download-syft@v0.14.2 - uses: crazy-max/ghaction-upx@v2 with: install-only: true - name: dockerhub-login if: startsWith(github.ref, 'refs/tags/v') uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: ghcr-login if: startsWith(github.ref, 'refs/tags/v') uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v1 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: snapcraft-login if: startsWith(github.ref, 'refs/tags/v') run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}") - name: goreleaser-release env: GITHUB_TOKEN: ${{ secrets.GH_PAT }} TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }} TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }} TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }} TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }} MASTODON_CLIENT_ID: ${{ secrets.MASTODON_CLIENT_ID }} MASTODON_CLIENT_SECRET: ${{ secrets.MASTODON_CLIENT_SECRET }} MASTODON_ACCESS_TOKEN: ${{ secrets.MASTODON_ACCESS_TOKEN }} COSIGN_PWD: ${{ secrets.COSIGN_PWD }} FURY_TOKEN: ${{ secrets.FURY_TOKEN }} DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }} DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }} AUR_KEY: ${{ secrets.AUR_KEY }} run: task goreleaser