Skip to content

Update workflow permissions #33

Update workflow permissions

Update workflow permissions #33

Workflow file for this run

name: Release
on:
pull_request:
paths:
- .github/workflows/release.yml
- ./scripts/release_notes
- .goreleaser.yml
push:
tags:
- "v*"
jobs:
test:
uses: Open-CMSIS-Pack/cbuild2cmake/.github/workflows/test.yml@main
goreleaser:
needs: test
permissions:
contents: write # for goreleaser/goreleaser-action to create a GitHub release
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Download test results
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
pattern: test-results-*
path: testreport/
- name: Zip test reports
run: |
zip -r testreport.zip testreport
- name: Attach test report to release assets
if: startsWith(github.ref, 'refs/tags/')
uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: testreport.zip
tag: ${{ github.ref }}
overwrite: true
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
check-latest: true
- name: Generate release notes
run: |
./scripts/release_notes > /tmp/RELEASE_NOTES
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0
with:
version: latest
args: release ${{ github.event_name != 'push' && '--snapshot' || '' }} --clean --release-notes=/tmp/RELEASE_NOTES
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}