2022-04-03 04:06:54 +00:00
|
|
|
# This GitHub action can publish assets for release when a tag is created.
|
|
|
|
# Currently its setup to run on any tag that matches the pattern "v*" (ie. v0.1.0).
|
|
|
|
#
|
|
|
|
# This uses an action (hashicorp/ghaction-import-gpg) that assumes you set your
|
|
|
|
# private key in the `GPG_PRIVATE_KEY` secret and passphrase in the `PASSPHRASE`
|
|
|
|
# secret. If you would rather own your own GPG handling, please fork this action
|
|
|
|
# or use an alternative one for key handling.
|
|
|
|
#
|
|
|
|
# You will need to pass the `--batch` flag to `gpg` in your signing step
|
|
|
|
# in `goreleaser` to indicate this is being used in a non-interactive mode.
|
|
|
|
#
|
|
|
|
name: release
|
|
|
|
on:
|
|
|
|
push:
|
|
|
|
tags:
|
|
|
|
- 'v*'
|
|
|
|
jobs:
|
|
|
|
goreleaser:
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
2022-12-24 17:37:41 +00:00
|
|
|
- name: Checkout
|
2022-04-03 04:06:54 +00:00
|
|
|
uses: actions/checkout@v3
|
2022-12-24 17:37:41 +00:00
|
|
|
- name: Unshallow
|
2022-04-03 04:06:54 +00:00
|
|
|
run: git fetch --prune --unshallow
|
2022-12-24 17:37:41 +00:00
|
|
|
- name: Set up Go
|
2023-03-20 20:22:19 +00:00
|
|
|
uses: actions/setup-go@v4
|
2022-04-03 04:06:54 +00:00
|
|
|
with:
|
2022-06-12 14:36:21 +00:00
|
|
|
go-version: 1.18
|
2022-12-24 17:37:41 +00:00
|
|
|
- name: Import GPG key
|
2022-04-03 04:06:54 +00:00
|
|
|
id: import_gpg
|
2022-12-18 17:13:34 +00:00
|
|
|
uses: crazy-max/ghaction-import-gpg@v5.2.0
|
2022-08-06 14:21:18 +00:00
|
|
|
with:
|
|
|
|
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
|
|
|
|
passphrase: ${{ secrets.PASSPHRASE }}
|
2022-12-24 17:37:41 +00:00
|
|
|
- name: setup-syft
|
|
|
|
run: |
|
|
|
|
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | \
|
|
|
|
sh -s -- -b /usr/local/bin v0.64.0
|
|
|
|
- name: Run GoReleaser
|
2023-01-31 19:40:16 +00:00
|
|
|
uses: goreleaser/goreleaser-action@v4.2.0
|
2022-04-03 04:06:54 +00:00
|
|
|
with:
|
|
|
|
version: latest
|
|
|
|
args: release --rm-dist
|
|
|
|
env:
|
|
|
|
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
|
|
|
|
# GitHub sets this automatically
|
|
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|