diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 402a4e8..ea9862b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -14,10 +14,11 @@ jobs: runs-on: ubuntu-latest permissions: - contents: read - issues: read + contents: write # to be able to publish a GitHub release + issues: write # to be able to comment on released issues checks: write - pull-requests: write + pull-requests: write # to be able to comment on released pull requests + id-token: write # to enable use of OIDC for npm provenance steps: - name: Checkout @@ -26,64 +27,38 @@ jobs: - uses: cachix/install-nix-action@v21 with: nix_path: nixpkgs=https://github.com/nixos/nixpkgs/archive/9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e.tar.gz -# -# - name: Kind setup -# id: kind -# run: nix-shell --command "make kind setup" -# -# - name: Run integration tests -# id: integrated-test -# run: nix-shell --command "make build integrated-test" -# -# - name: Publish Test Results -# uses: EnricoMi/publish-unit-test-result-action@v2 -# if: success() || failure() -# with: -# files: | -# test-reports/*-tests-report.xml - dist: - needs: [build] - name: Build executables for other platforms - strategy: - matrix: - os: [windows, linux] - arch: [amd64, 386] - include: - - os: darwin - arch: amd64 - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 + - name: Kind setup + id: kind + run: nix-shell --command "make kind setup" - - uses: cachix/install-nix-action@v21 + - name: Run integration tests + id: integrated-test + run: nix-shell --command "make build integrated-test" + + - name: Publish Test Results + uses: EnricoMi/publish-unit-test-result-action@v2 + if: success() || failure() with: - nix_path: nixpkgs=https://github.com/nixos/nixpkgs/archive/9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e.tar.gz + files: | + test-reports/*-tests-report.xml - - name: Build executable for ${{matrix.os}} on ${{matrix.arch}} - run: nix-shell --command "make dist" - env: - GOOS: ${{ matrix.os }} - GOARCH: ${{ matrix.arch }} + - name: Build executables for other platforms + id: build-other-platforms + run: nix-shell --command "make build-other-platforms" - - name: Store dist artifacts - uses: actions/upload-artifact@v4 + - name: Release - setup Node.js + uses: actions/setup-node@v4 with: - name: dist - path: build/bin/production-readiness* - retention-days: 1 + node-version: "lts/*" - release: - #if: github.ref == 'refs/heads/main' && success() - if: success() - uses: ./.github/workflows/release.yaml - needs: [dist] - name: Release - with: - dry-run: false - permissions: - contents: write # to be able to publish a GitHub release - issues: write # to be able to comment on released issues - pull-requests: write # to be able to comment on released pull requests - id-token: write # to enable use of OIDC for npm provenance + - name: Release - install dependencies + run: npm ci + + - name: Release - verify installed dependencies + run: npm audit signatures + + - name: Release - perform the release + run: npx semantic-release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index 4d3626a..0000000 --- a/.github/workflows/release.yaml +++ /dev/null @@ -1,50 +0,0 @@ -name: Release -on: - workflow_call: - inputs: - dry-run: - type: boolean - required: false - default: false - -jobs: - release: - name: Release - runs-on: ubuntu-latest - outputs: - version: ${{ steps.setversion.outputs.version }} - permissions: - contents: write # to be able to publish a GitHub release - issues: write # to be able to comment on released issues - pull-requests: write # to be able to comment on released pull requests - id-token: write # to enable use of OIDC for npm provenance - steps: - - name: Download dist artifacts - uses: actions/download-artifact@v4 - with: - name: dist - path: build/bin - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: "lts/*" - - name: Install dependencies - run: npm ci - - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies - run: npm audit signatures - - name: Release - run: | - if [ '${{ inputs.dry-run }}' == 'true' ]; then - echo "--Running semantic release in dry-run mode" - npx semantic-release --dry-run - else - echo "--Running semantic release in normal mode" - npx semantic-release - fi - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - diff --git a/.releaserc b/.releaserc index 0e345c6..06f8f58 100644 --- a/.releaserc +++ b/.releaserc @@ -6,8 +6,8 @@ "@semantic-release/github", { "assets": [ - { "path": "build//bin/production-readiness-amd64.window", "label": "Windows amd64 distribution" }, - { "path": "build/bin/production-readiness-386.window", "label": "Windows 386 distribution" }, + { "path": "build//bin/production-readiness-amd64.exe", "label": "Windows amd64 distribution" }, + { "path": "build/bin/production-readiness-386.exe", "label": "Windows 386 distribution" }, { "path": "build/bin/production-readiness-amd64-darwin", "label": "Darwin amd64 distribution" }, { "path": "build/bin/production-readiness-amd64-linux ", "label": "Linux amd64 distribution" }, { "path": "build/bin/production-readiness-386-linux ", "label": "Linux 386 distribution" }, diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index ea2bdb1..bc651fc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -64,6 +64,7 @@ make integrated-test Use [semantic-release](https://github.com/semantic-release/github) to automate versioning, tag and create GitHub releases based on the commit message. +semantic-release works from release branches, not pull requests. As a result nothing will be released on pull requests. Commit messages must follow [Angular Commit Message Conventions](https://github.com/angular/angular/blob/main/CONTRIBUTING.md#-commit-message-format) diff --git a/Makefile b/Makefile index b1ce1b2..c5f392c 100644 --- a/Makefile +++ b/Makefile @@ -55,12 +55,16 @@ test: .PHONY: build build: check test @echo "== build" - GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o $(buildDir)/bin/production-readiness -v github.com/coreeng/production-readiness/production-readiness/cmd - -.PHONY: dist -dist: - @echo "== build distribution for platform $(GOOS) on $(GOARCH)" - GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o $(buildDir)/bin/production-readiness-$(GOARCH).$(GOOS) -v github.com/coreeng/production-readiness/production-readiness/cmd + GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o $(buildDir)/bin/production-readiness -v github.com/coreeng/production-readiness/production-readiness/cmd + +.PHONY: build-other-platforms +build-other-platforms: + @echo "== build for other platforms" + GOOS=windows GOARCH=amd64 go build -o $(buildDir)/bin/production-readiness-amd64.exe -v github.com/coreeng/production-readiness/production-readiness/cmd + GOOS=windows GOARCH=386 go build -o $(buildDir)/bin/production-readiness-386.exe -v github.com/coreeng/production-readiness/production-readiness/cmd + GOOS=darwin GOARCH=amd64 go build -o $(buildDir)/bin/production-readiness-amd64-darwin -v github.com/coreeng/production-readiness/production-readiness/cmd + GOOS=linux GOARCH=amd64 go build -o $(buildDir)/bin/production-readiness-amd64-linux -v github.com/coreeng/production-readiness/production-readiness/cmd + GOOS=linux GOARCH=386 go build -o $(buildDir)/bin/production-readiness-386-linux -v github.com/coreeng/production-readiness/production-readiness/cmd .PHONY: install install: build