Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: splitting workflows #3386

Merged
merged 4 commits into from Sep 19, 2022
Merged

chore: splitting workflows #3386

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
6a15b23
chore: splitting workflows
caarlos0 Sep 18, 2022
2f29c79
fix: moving things around
caarlos0 Sep 18, 2022
dde2b88
fix: cache
caarlos0 Sep 18, 2022
6d56c51
fix: login on tags only
caarlos0 Sep 18, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
72 changes: 2 additions & 70 deletions .github/workflows/build.yml
View file
Open in desktop
Expand Up @@ -4,14 +4,10 @@ on:
push:
branches:
- 'main'
tags:
- 'v*'
pull_request:

permissions:
contents: write
id-token: write
packages: write
contents: read

jobs:
govulncheck:
Expand All @@ -20,34 +16,7 @@ jobs:
uses: caarlos0/meta/.github/workflows/semgrep.yml@main
ruleguard:
uses: caarlos0/meta/.github/workflows/ruleguard.yml@main
goreleaser-check-pkgs:
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
needs:
- goreleaser
if: github.ref == 'refs/heads/main'
strategy:
matrix:
format: [ deb, rpm, apk ]
steps:
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3
with:
fetch-depth: 0
- uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1
with:
version: 3.x
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1
- uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # v3
with:
path: |
./dist/*.deb
./dist/*.rpm
./dist/*.apk
key: ${{ github.ref }}
- run: task goreleaser:test:${{ matrix.format }}
goreleaser:
test:
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
Expand All @@ -72,13 +41,6 @@ jobs:
with:
go-version: '1.19'
cache: true
- uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # v3
with:
path: |
./dist/*.deb
./dist/*.rpm
./dist/*.apk
key: ${{ github.ref }}
- uses: sigstore/cosign-installer@v2.6.0
- uses: anchore/sbom-action/download-syft@v0.12.0
- name: setup-validate-krew-manifest
Expand All @@ -96,33 +58,3 @@ jobs:
file: ./coverage.txt
- run: ./goreleaser check
- run: git diff
- name: dockerhub-login
if: startsWith(github.ref, 'refs/tags/v')
uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: ghcr-login
if: startsWith(github.ref, 'refs/tags/v')
uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: snapcraft-login
if: startsWith(github.ref, 'refs/tags/v')
run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}")
- name: goreleaser-release
if: startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main'
env:
GITHUB_TOKEN: ${{ secrets.GH_PAT }}
TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }}
TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }}
TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }}
TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }}
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
FURY_TOKEN: ${{ secrets.FURY_TOKEN }}
DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }}
DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }}
AUR_KEY: ${{ secrets.AUR_KEY }}
run: task goreleaser
104 changes: 104 additions & 0 deletions .github/workflows/release.yml
View file
Open in desktop
@@ -0,0 +1,104 @@
name: release

on:
push:
branches:
- 'main'
tags:
- 'v*'

permissions:
contents: write
id-token: write
packages: write

jobs:
goreleaser-check-pkgs:
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
needs:
- goreleaser
if: github.ref == 'refs/heads/main'
strategy:
matrix:
format: [ deb, rpm, apk ]
steps:
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3
with:
fetch-depth: 0
- uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1
with:
version: 3.x
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1
- uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # v3
with:
path: |
./dist/*.deb
./dist/*.rpm
./dist/*.apk
key: ${{ github.ref }}
- run: task goreleaser:test:${{ matrix.format }}
goreleaser:
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps:
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3
with:
fetch-depth: 0
- uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1
with:
version: 3.x
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # v1
- uses: docker/setup-buildx-action@dc7b9719a96d48369863986a06765841d7ea23f6 # v1
- name: setup-snapcraft
# FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715
run: |
sudo apt-get update
sudo apt-get -yq --no-install-suggests --no-install-recommends install snapcraft
mkdir -p $HOME/.cache/snapcraft/download
mkdir -p $HOME/.cache/snapcraft/stage-packages
- uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # v3
with:
go-version: '1.19'
cache: true
- uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # v3
with:
path: |
./dist/*.deb
./dist/*.rpm
./dist/*.apk
key: ${{ github.ref }}
- uses: sigstore/cosign-installer@v2.6.0
- uses: anchore/sbom-action/download-syft@v0.12.0
- name: dockerhub-login
if: startsWith(github.ref, 'refs/tags/v')
uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: ghcr-login
if: startsWith(github.ref, 'refs/tags/v')
uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: snapcraft-login
run: snapcraft login --with <(echo "${{ secrets.SNAPCRAFT_LOGIN }}")
- name: goreleaser-release
env:
GITHUB_TOKEN: ${{ secrets.GH_PAT }}
TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }}
TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }}
TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }}
TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }}
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
FURY_TOKEN: ${{ secrets.FURY_TOKEN }}
DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }}
DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }}
AUR_KEY: ${{ secrets.AUR_KEY }}
run: task goreleaser