-
Notifications
You must be signed in to change notification settings - Fork 324
113 lines (105 loc) · 3.64 KB
/
ci-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
name: ci-release
# Run this workflow on push events (i.e. PR merge) to main or release branches,
# push events for new semantic version tags, all PRs, and manual triggers.
on:
push:
branches:
- main
- "v[0-9]+.x"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"
pull_request:
workflow_dispatch:
# Inputs the workflow accepts.
inputs:
version:
# Friendly description to be shown in the UI instead of 'name'
description: "Semver type of new version (major / minor / patch)"
# Input has to be provided for the workflow to run
required: true
type: choice
options:
- patch
- minor
- major
jobs:
lint:
uses: ./.github/workflows/lint.yml
markdown-linter:
uses: ./.github/workflows/markdown-linter.yml
test:
uses: ./.github/workflows/test.yml
goreleaser-check:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- uses: goreleaser/goreleaser-action@v5
with:
version: latest
args: check
# branch_name trims ref/heads/ from github.ref to access a clean branch name
branch_name:
runs-on: ubuntu-latest
outputs:
branch: ${{ steps.trim_ref.outputs.branch }}
steps:
- name: Trim branch name
id: trim_ref
run: |
echo "branch=$(${${{ github.ref }}:11})" >> $GITHUB_OUTPUT
# If this was a workflow dispatch event, we need to generate and push a tag
# for goreleaser to grab
version_bump:
needs: [lint, test, branch_name, goreleaser-check]
runs-on: ubuntu-latest
permissions: "write-all"
steps:
- uses: actions/checkout@v4
- name: Bump version and push tag
# Placing the if condition here is a workaround for needing to block
# on this step during workflow dispatch events but the step not
# needing to run on tags. If we had the if condition on the full
# version_bump section, it would skip and not run, which would result
# in goreleaser not running either.
if: ${{ github.event_name == 'workflow_dispatch' }}
uses: mathieudutour/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
default_bump: ${{ inputs.version }}
# Setting the branch name so that release branch other than
# master/main doesn't impact tag name
release_branches: ${{ needs.branch_name.outputs.branch }}
# Generate the release with goreleaser to include pre-built binaries
goreleaser:
needs: version_bump
runs-on: ubuntu-20.04
if: |
github.event_name == 'workflow_dispatch' ||
(github.event_name == 'push' && contains(github.ref, 'refs/tags/'))
permissions: "write-all"
steps:
- uses: actions/checkout@v4
- run: git fetch --force --tags
- uses: actions/setup-go@v4
with:
go-version: 1.21.1
# Import the GPG key from Github secrets to sign the binaries
- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPG_SIGNING_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
# Generate the binaries, release, and sign the checksum
- uses: goreleaser/goreleaser-action@v5
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}