Skip to content

Uncomment goreleaser step #52

Uncomment goreleaser step

Uncomment goreleaser step #52

Workflow file for this run

# STACKIT CLI release workflow.
name: Release
# This GitHub action creates a release when a tag that matches the pattern
# "v*" (e.g. v0.1.0) is created.
on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-*"
workflow_dispatch:
# Releases need permissions to read and write the repository contents.
# GitHub considers creating releases and uploading assets as writing contents.
permissions:
contents: write
jobs:
goreleaser:
runs-on: macOS-latest
env:
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }}
# Needed to publish new packages to our S3-hosted APT repo
AWS_ACCESS_KEY_ID: ${{ secrets.OBJECT_STORAGE_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.OBJECT_STORAGE_SECRET_ACCESS_KEY }}
steps:
- uses: actions/checkout@v4
with:
# Allow goreleaser to access older tag information.
fetch-depth: 0
- uses: actions/setup-go@v4
with:
go-version-file: "go.mod"
cache: true
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6
id: import_gpg
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
# - name: Set up keychain
# run: |
# echo -n $SIGNING_CERTIFICATE_BASE64 | base64 -d -o ./ApplicationID.p12
# KEYCHAIN_PATH=$RUNNER_TEMP/ios_signing_temp.keychain-db
# security create-keychain -p "${{ secrets.TEMP_KEYCHAIN }}" $KEYCHAIN_PATH
# security default-keychain -s $KEYCHAIN_PATH
# security unlock-keychain -p "${{ secrets.TEMP_KEYCHAIN }}" $KEYCHAIN_PATH
# security import ./ApplicationID.p12 -P "${{ secrets.APPLICATION_ID }}" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
# security list-keychain -d user -s $KEYCHAIN_PATH
# echo -n $AUTHKEY_BASE64 | base64 -d -o ./AuthKey.p8
# xcrun notarytool store-credentials stackit-cli -i $APPLE_ISSUER -d $APPLE_KEY_ID -k AuthKey.p8 --keychain $KEYCHAIN_PATH
# rm ./ApplicationID.p12
# rm ./AuthKey.p8
# env:
# APPLE_ISSUER: ${{ secrets.APPLE_ISSUER }}
# APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
# SIGNING_CERTIFICATE_BASE64: ${{ secrets.APPLICATION_ID_CERT }}
# AUTHKEY_BASE64: ${{ secrets.APPLE_API_KEY }}
- name: Install Aptly
run: brew install aptly
- name: Install Snapcraft
uses: samuelmeuli/action-snapcraft@v2
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v5
with:
args: release --clean --skip=publish
env:
GITHUB_TOKEN: ${{ secrets.CLI_RELEASE }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
- name: Publish packages to APT repo
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
GPG_PRIVATE_KEY_ID: ${{ steps.import_gpg.outputs.keyid }}
run: ./scripts/publish-apt-packages.sh