name: release on: push: branches: - "main" tags: - "v*" permissions: contents: write id-token: write packages: write jobs: trigger-generate: runs-on: ubuntu-latest needs: [goreleaser] steps: - uses: benc-uk/workflow-dispatch@v121 if: startsWith(github.ref, 'refs/tags/v') with: repo: goreleaser/goreleaser ref: main token: ${{ secrets.GH_PAT }} workflow: generate.yml notify-goreleaser-cross: runs-on: ubuntu-latest needs: [trigger-generate] steps: - name: get version if: startsWith(github.ref, 'refs/tags/v') run: echo "RELEASE_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV - name: notify goreleaser-cross with new release if: startsWith(github.ref, 'refs/tags/v') uses: benc-uk/workflow-dispatch@v121 with: token: ${{ secrets.GH_PAT }} repo: goreleaser/goreleaser-cross workflow: goreleaser-bump inputs: '{ "tag" : "${{ env.RELEASE_TAG }}" }' goreleaser-check-pkgs: runs-on: ubuntu-latest env: DOCKER_CLI_EXPERIMENTAL: "enabled" needs: [goreleaser] if: github.ref == 'refs/heads/main' strategy: matrix: format: [deb, rpm, apk] steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3 with: fetch-depth: 0 - uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v1 with: version: 3.x repo-token: ${{ secrets.GITHUB_TOKEN }} - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v2 - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4 with: path: | ./dist/*.deb ./dist/*.rpm ./dist/*.apk key: ${{ github.ref }} - run: task goreleaser:test:${{ matrix.format }} goreleaser: runs-on: ubuntu-latest env: DOCKER_CLI_EXPERIMENTAL: "enabled" steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3 with: fetch-depth: 0 - uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v1 with: version: 3.x repo-token: ${{ secrets.GITHUB_TOKEN }} - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v2 - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3 - name: setup-snapcraft # FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715 run: | sudo apt-get update sudo apt-get -yq --no-install-suggests --no-install-recommends install snapcraft mkdir -p $HOME/.cache/snapcraft/download mkdir -p $HOME/.cache/snapcraft/stage-packages - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v4 with: go-version: stable - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4 with: path: | ./dist/*.deb ./dist/*.rpm ./dist/*.apk key: ${{ github.ref }} - uses: sigstore/cosign-installer@v3.4.0 - uses: anchore/sbom-action/download-syft@v0.15.8 - uses: crazy-max/ghaction-upx@v3 with: install-only: true - uses: cachix/install-nix-action@v25 with: github_access_token: ${{ secrets.GITHUB_TOKEN }} - name: dockerhub-login if: startsWith(github.ref, 'refs/tags/v') uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v2 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: ghcr-login if: startsWith(github.ref, 'refs/tags/v') uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v2 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: snapcraft-login if: startsWith(github.ref, 'refs/tags/v') run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}") - name: goreleaser-release env: GITHUB_TOKEN: ${{ secrets.GH_PAT }} TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }} TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }} TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }} TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }} MASTODON_CLIENT_ID: ${{ secrets.MASTODON_CLIENT_ID }} MASTODON_CLIENT_SECRET: ${{ secrets.MASTODON_CLIENT_SECRET }} MASTODON_ACCESS_TOKEN: ${{ secrets.MASTODON_ACCESS_TOKEN }} COSIGN_PWD: ${{ secrets.COSIGN_PWD }} FURY_TOKEN: ${{ secrets.FURY_TOKEN }} DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }} DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }} AUR_KEY: ${{ secrets.AUR_KEY }} run: task goreleaser