129 lines (126 loc) · 4.72 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: build
on:
push:
branches:
- 'main'
tags:
- 'v*'
pull_request:
permissions:
contents: write
id-token: write
packages: write
jobs:
goreleaser-check-pkgs:
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
needs:
- goreleaser
if: github.ref == 'refs/heads/main'
strategy:
matrix:
format: [ deb, rpm, apk ]
steps:
- uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3
with:
fetch-depth: 0
- uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1
with:
version: 3.x
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1
- uses: actions/cache@661fd3eb7f2f20d8c7c84bc2b0509efd7a826628 # v2
with:
path: |
./dist/*.deb
./dist/*.rpm
./dist/*.apk
key: ${{ runner.os }}-go-${{ hashFiles('**/*.go') }}-${{ hashFiles('**/go.sum') }}
- run: task goreleaser:test:${{ matrix.format }}
goreleaser:
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps:
- uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3
with:
fetch-depth: 0
- uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1
with:
version: 3.x
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1
- uses: docker/setup-buildx-action@dc7b9719a96d48369863986a06765841d7ea23f6 # v1
- name: setup-snapcraft
# FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715
run: |
sudo apt-get update
sudo apt-get -yq --no-install-suggests --no-install-recommends install snapcraft
mkdir -p $HOME/.cache/snapcraft/download
mkdir -p $HOME/.cache/snapcraft/stage-packages
- uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a # v3
with:
go-version: '1.18'
- uses: actions/cache@661fd3eb7f2f20d8c7c84bc2b0509efd7a826628 # v2
with:
path: |
~/go/pkg/mod
~/.cache/go-build
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- uses: actions/cache@661fd3eb7f2f20d8c7c84bc2b0509efd7a826628 # v2
with:
path: |
./dist/*.deb
./dist/*.rpm
./dist/*.apk
key: ${{ runner.os }}-go-${{ hashFiles('**/*.go') }}-${{ hashFiles('**/go.sum') }}
- uses: sigstore/cosign-installer@v2.5.0
- uses: anchore/sbom-action/download-syft@v0.11.0
- name: setup-validate-krew-manifest
run: go install sigs.k8s.io/krew/cmd/validate-krew-manifest@latest
- name: setup-tparse
run: go install github.com/mfridman/tparse@latest
- name: setup
run: |
task setup
task build
- name: test
run: ./scripts/test.sh
- uses: codecov/codecov-action@81cd2dc8148241f03f5839d295e000b8f761e378 # v3
with:
file: ./coverage.txt
- run: ./goreleaser check
- run: git diff
- name: dockerhub-login
if: startsWith(github.ref, 'refs/tags/v')
uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: ghcr-login
if: startsWith(github.ref, 'refs/tags/v')
uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: snapcraft-login
if: startsWith(github.ref, 'refs/tags/v')
run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}")
- name: goreleaser-release
if: startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main'
env:
GITHUB_TOKEN: ${{ secrets.GH_PAT }}
TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }}
TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }}
TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }}
TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }}
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
FURY_TOKEN: ${{ secrets.FURY_TOKEN }}
DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }}
DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }}
AUR_KEY: ${{ secrets.AUR_KEY }}
run: task goreleaser