name: release on: push: branches: - 'main' tags: - 'v*' permissions: contents: write id-token: write packages: write jobs: goreleaser-check-pkgs: runs-on: ubuntu-latest env: DOCKER_CLI_EXPERIMENTAL: "enabled" needs: - goreleaser if: github.ref == 'refs/heads/main' strategy: matrix: format: [ deb, rpm, apk ] steps: - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3 with: fetch-depth: 0 - uses: arduino/setup-task@d665c6beebae46ff3f699d7b2fd3f1959de7153c # v1 with: version: 3.x repo-token: ${{ secrets.GITHUB_TOKEN }} - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2 - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3 with: path: | ./dist/*.deb ./dist/*.rpm ./dist/*.apk key: ${{ github.ref }} - run: task goreleaser:test:${{ matrix.format }} goreleaser: runs-on: ubuntu-latest env: DOCKER_CLI_EXPERIMENTAL: "enabled" steps: - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3 with: fetch-depth: 0 - uses: arduino/setup-task@d665c6beebae46ff3f699d7b2fd3f1959de7153c # v1 with: version: 3.x repo-token: ${{ secrets.GITHUB_TOKEN }} - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2 - uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2 - name: setup-snapcraft # FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715 run: | sudo apt-get update sudo apt-get -yq --no-install-suggests --no-install-recommends install snapcraft mkdir -p $HOME/.cache/snapcraft/download mkdir -p $HOME/.cache/snapcraft/stage-packages - uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # v3 with: go-version: '>=1.19.3' cache: true - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3 with: path: | ./dist/*.deb ./dist/*.rpm ./dist/*.apk key: ${{ github.ref }} - uses: sigstore/cosign-installer@v2.8.1 - uses: anchore/sbom-action/download-syft@v0.13.1 - name: dockerhub-login if: startsWith(github.ref, 'refs/tags/v') uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: ghcr-login if: startsWith(github.ref, 'refs/tags/v') uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v1 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: snapcraft-login if: startsWith(github.ref, 'refs/tags/v') run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}") - name: goreleaser-release env: GITHUB_TOKEN: ${{ secrets.GH_PAT }} TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }} TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }} TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }} TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }} COSIGN_PWD: ${{ secrets.COSIGN_PWD }} FURY_TOKEN: ${{ secrets.FURY_TOKEN }} DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }} DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }} AUR_KEY: ${{ secrets.AUR_KEY }} run: task goreleaser