Skip to content
goreleaser

chore(deps): update docker/setup-qemu-action digest to 2910929 [relea… #448

Sign in to view logs

chore(deps): update docker/setup-qemu-action digest to 2910929 [relea…

chore(deps): update docker/setup-qemu-action digest to 2910929 [relea… #448

Workflow file for this run

.github/workflows/goreleaser.yml at 4d23d48
name: goreleaser
on:
workflow_dispatch:
push:
branches:
- main
- next
tags:
- "*"
release:
types:
- published
permissions:
contents: write
packages: write
id-token: write
jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
if: github.event_name == 'pull_request'
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.ref }}
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
if: github.event_name != 'pull_request'
with:
fetch-depth: 0
- name: setup-go
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5
with:
go-version: 1.21.x
- name: setup qemu
id: qemu
uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3
- name: setup docker buildx
id: buildx
uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: install cosign
uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3
- name: install quill
env:
QUILL_VERSION: 0.4.1
run: |
curl -Lo /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz https://github.com/anchore/quill/releases/download/v${QUILL_VERSION}/quill_${QUILL_VERSION}_linux_amd64.tar.gz
tar -xvf /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz -C /tmp
mv /tmp/quill /usr/local/bin/quill
chmod +x /usr/local/bin/quill
- name: set goreleaser default args
if: startsWith(github.ref, 'refs/tags/') == true
run: |
echo "GORELEASER_ARGS=" >> $GITHUB_ENV
- name: set goreleaser args for branch
if: startsWith(github.ref, 'refs/tags/') == false
run: |
echo "GORELEASER_ARGS=--snapshot" >> $GITHUB_ENV
- name: set goreleaser args renovate
if: startsWith(github.ref, 'refs/heads/renovate') == true
run: |
echo "GORELEASER_ARGS=--snapshot --skip-publish" >> $GITHUB_ENV
- name: setup quill
uses: 1password/load-secrets-action@581a835fb51b8e7ec56b71cf2ffddd7e68bb25e0 # v2
if: startsWith(github.ref, 'refs/tags/') == true && (github.actor == github.repository_owner || github.actor == 'ekristen-dev[bot]')
with:
export-env: true
env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
QUILL_NOTARY_KEY: ${{ secrets.OP_QUILL_NOTARY_KEY }}
QUILL_NOTARY_KEY_ID: ${{ secrets.OP_QUILL_NOTARY_KEY_ID }}
QUILL_NOTARY_ISSUER: ${{ secrets.OP_QUILL_NOTARY_ISSUER }}
QUILL_SIGN_PASSWORD: ${{ secrets.OP_QUILL_SIGN_PASSWORD }}
QUILL_SIGN_P12: ${{ secrets.OP_QUILL_SIGN_P12 }}
- name: run goreleaser
uses: goreleaser/goreleaser-action@90a3faa9d0182683851fbfa97ca1a2cb983bfca3 # v6
with:
distribution: goreleaser
version: latest
args: release --clean ${{ env.GORELEASER_ARGS }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: push docker images (for branches)
if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main'
run: |
docker images --format "{{.Repository}}:{{.Tag}}" | grep "${{ github.repository }}" | xargs -L1 docker push
- name: upload artifacts
if: ${{ github.event.pull_request.base.ref == 'main' || github.event_name == 'workflow_dispatch' }}
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
with:
name: binaries
path: releases/*.tar.gz