docs: update #1509
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
push: | |
branches: | |
- "main" | |
tags: | |
- "v*" | |
permissions: | |
contents: write | |
id-token: write | |
packages: write | |
jobs: | |
trigger-generate: | |
runs-on: ubuntu-latest | |
needs: [goreleaser] | |
steps: | |
- uses: benc-uk/workflow-dispatch@v1.2.3 | |
if: startsWith(github.ref, 'refs/tags/v') | |
with: | |
repo: goreleaser/goreleaser | |
ref: main | |
token: ${{ secrets.GH_PAT }} | |
workflow: generate.yml | |
notify-goreleaser-cross: | |
runs-on: ubuntu-latest | |
needs: [trigger-generate] | |
steps: | |
- name: get version | |
if: startsWith(github.ref, 'refs/tags/v') | |
run: echo "RELEASE_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | |
- name: notify goreleaser-cross with new release | |
if: startsWith(github.ref, 'refs/tags/v') | |
uses: benc-uk/workflow-dispatch@v1.2.3 | |
with: | |
token: ${{ secrets.GH_PAT }} | |
repo: goreleaser/goreleaser-cross | |
workflow: goreleaser-bump | |
inputs: '{ "tag" : "${{ env.RELEASE_TAG }}" }' | |
goreleaser-check-pkgs: | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_CLI_EXPERIMENTAL: "enabled" | |
needs: [goreleaser] | |
if: github.ref == 'refs/heads/main' | |
strategy: | |
matrix: | |
format: [deb, rpm, apk] | |
steps: | |
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v3 | |
with: | |
fetch-depth: 0 | |
- uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v1 | |
with: | |
version: 3.x | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v2 | |
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 | |
with: | |
path: | | |
./dist/*.deb | |
./dist/*.rpm | |
./dist/*.apk | |
key: ${{ github.ref }} | |
- run: task goreleaser:test:${{ matrix.format }} | |
goreleaser: | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_CLI_EXPERIMENTAL: "enabled" | |
steps: | |
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v3 | |
with: | |
fetch-depth: 0 | |
- uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v1 | |
with: | |
version: 3.x | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v2 | |
- uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3 | |
- name: setup-snapcraft | |
# FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715 | |
run: | | |
sudo apt-get update | |
sudo apt-get -yq --no-install-suggests --no-install-recommends install snapcraft | |
mkdir -p $HOME/.cache/snapcraft/download | |
mkdir -p $HOME/.cache/snapcraft/stage-packages | |
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v4 | |
with: | |
go-version: stable | |
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 | |
with: | |
path: | | |
./dist/*.deb | |
./dist/*.rpm | |
./dist/*.apk | |
key: ${{ github.ref }} | |
- uses: sigstore/cosign-installer@v3.5.0 | |
- uses: anchore/sbom-action/download-syft@v0.15.10 | |
- uses: crazy-max/ghaction-upx@v3 | |
with: | |
install-only: true | |
- uses: cachix/install-nix-action@v26 | |
with: | |
github_access_token: ${{ secrets.GITHUB_TOKEN }} | |
- name: dockerhub-login | |
if: startsWith(github.ref, 'refs/tags/v') | |
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v2 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: ghcr-login | |
if: startsWith(github.ref, 'refs/tags/v') | |
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: snapcraft-login | |
if: startsWith(github.ref, 'refs/tags/v') | |
run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}") | |
- name: goreleaser-release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_PAT }} | |
TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }} | |
TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }} | |
TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }} | |
TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }} | |
MASTODON_CLIENT_ID: ${{ secrets.MASTODON_CLIENT_ID }} | |
MASTODON_CLIENT_SECRET: ${{ secrets.MASTODON_CLIENT_SECRET }} | |
MASTODON_ACCESS_TOKEN: ${{ secrets.MASTODON_ACCESS_TOKEN }} | |
COSIGN_PWD: ${{ secrets.COSIGN_PWD }} | |
FURY_TOKEN: ${{ secrets.FURY_TOKEN }} | |
DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }} | |
DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }} | |
AUR_KEY: ${{ secrets.AUR_KEY }} | |
MACOS_SIGN_P12: ${{ secrets.MACOS_SIGN_P12 }} | |
MACOS_SIGN_PASSWORD: ${{ secrets.MACOS_SIGN_PASSWORD }} | |
MACOS_NOTARY_ISSUER_ID: ${{ secrets.MACOS_NOTARY_ISSUER_ID }} | |
MACOS_NOTARY_KEY_ID: ${{ secrets.MACOS_NOTARY_KEY_ID }} | |
MACOS_NOTARY_KEY: ${{ secrets.MACOS_NOTARY_KEY }} | |
run: task goreleaser |