chore: sign Linux packages #7
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - "*" | |
| permissions: | |
| checks: write | |
| contents: write | |
| packages: write | |
| pull-requests: write | |
| pages: write | |
| id-token: write | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: '0' | |
| fetch-tags: 'true' | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| # Semantic version range syntax or exact version of Go | |
| go-version: '1.21.x' | |
| - name: Setup Syft | |
| run: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: '3.3' | |
| bundler-cache: true | |
| - run: gem install asciidoctor | |
| - name: Install gotestsum | |
| run: go install gotest.tools/gotestsum@latest | |
| - name: Init go | |
| run: | | |
| go mod download | |
| go generate . | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v3 | |
| - name: Test | |
| run: | | |
| gotestsum --format pkgname -- -covermode=atomic ./... | |
| - name: Prepare GPG setup | |
| run: | | |
| mkdir -p $GITHUB_WORKSPACE/.gnupg | |
| echo "${{ secrets.GPG_SIGNING_KEY }}" | base64 -d > $GITHUB_WORKSPACE/.gnupg/gpg.key | |
| - name: Release | |
| uses: goreleaser/goreleaser-action@v5 | |
| with: | |
| distribution: goreleaser | |
| version: latest | |
| args: release --clean | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GH_TAP_PAT: ${{ secrets.GH_TAP_PAT }} | |
| GH_WINGET_PAT: ${{ secrets.GH_WINGET_PAT }} | |
| NFPM_GIT_AGE_PASSPHRASE: ${{ secrets.NFPM_GIT_AGE_PASSPHRASE }} | |
| UPLOAD_RPM_SECRET: ${{ secrets.UPLOAD_RPM_SECRET }} | |
| UPLOAD_DEB_SECRET: ${{ secrets.UPLOAD_DEB_SECRET }} | |
| - name: Setup Pages | |
| uses: actions/configure-pages@v4 | |
| - name: Upload artifact | |
| uses: actions/upload-pages-artifact@v3 | |
| with: | |
| path: 'out/html/' | |
| - name: Deploy to GitHub Pages | |
| id: deployment | |
| uses: actions/deploy-pages@v4 |