Skip to content

chore: sign Linux packages #9

chore: sign Linux packages

chore: sign Linux packages #9

Workflow file for this run

name: Release
on:
push:
tags:
- "*"
permissions:
checks: write
contents: write
packages: write
pull-requests: write
pages: write
id-token: write
jobs:
release:
runs-on: ubuntu-latest
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: '0'
fetch-tags: 'true'
- name: Setup Go
uses: actions/setup-go@v5
with:
# Semantic version range syntax or exact version of Go
go-version: '1.21.x'
- name: Setup Syft
run: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
- uses: ruby/setup-ruby@v1
with:
ruby-version: '3.3'
bundler-cache: true
- run: gem install asciidoctor
- name: Install gotestsum
run: go install gotest.tools/gotestsum@latest
- name: Init go
run: |
go mod download
go generate .
- name: golangci-lint
uses: golangci/golangci-lint-action@v3
- name: Test
run: |
gotestsum --format pkgname -- -covermode=atomic ./...
- name: Prepare GPG setup
run: |
mkdir -p $GITHUB_WORKSPACE/.gnupg
echo "${{ secrets.GPG_SIGNING_KEY }}" | base64 -d > $GITHUB_WORKSPACE/.gnupg/gpg.key
- name: Release
uses: goreleaser/goreleaser-action@v5
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_TAP_PAT: ${{ secrets.GH_TAP_PAT }}
GH_WINGET_PAT: ${{ secrets.GH_WINGET_PAT }}
NFPM_GIT_AGE_PASSPHRASE: ${{ secrets.NFPM_GIT_AGE_PASSPHRASE }}
UPLOAD_RPM_SECRET: ${{ secrets.UPLOAD_RPM_SECRET }}
UPLOAD_DEB_SECRET: ${{ secrets.UPLOAD_DEB_SECRET }}
- name: Setup Pages
uses: actions/configure-pages@v4
- name: Upload artifact
uses: actions/upload-pages-artifact@v3
with:
path: 'out/html/'
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4