-
Notifications
You must be signed in to change notification settings - Fork 0
176 lines (176 loc) · 6.09 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Package this version
on:
push:
branches:
- main
tags:
- "v*"
pull_request:
permissions:
contents: write
jobs:
version:
name: Collect the version
runs-on: ubuntu-latest
outputs:
version: ${{ steps.tag.outputs.version }}
steps:
- name: Checkout the repo
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Collect the current version
id: tag
run: |
echo "$(git describe --dirty --always --tags)"
echo "version=$(git describe --dirty --always --tags)" >> "$GITHUB_ENV"
echo "version=$(git describe --dirty --always --tags)" >> "$GITHUB_OUTPUT"
snapshot:
name: Save a snapshot
needs: version
if: ${{ ! startsWith(github.ref, 'refs/tags/') }}
runs-on: ubuntu-latest
env:
version: ${{ needs.version.outputs.version }}
steps:
- name: Checkout the repo
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install a flaked Nix
uses: DeterminateSystems/nix-installer-action@v16
- name: Create snapshots
run: nix develop -c goreleaser release --clean --snapshot --skip=publish --config .goreleaser.staging.yml
- name: Mark logged changes
uses: actions/upload-artifact@v4
with:
name: etime_${{ env.version }}_CHANGELOG.md
path: ./CHANGELOG.md
if-no-files-found: error
- name: Upload the checksums
uses: actions/upload-artifact@v4
with:
name: etime_${{ env.version }}_checksums.txt
path: ./dist/etime_${{ env.version }}_checksums.txt
if-no-files-found: error
- name: Enscribe legal letter
uses: actions/upload-artifact@v4
with:
name: etime_${{ env.version }}_LICENSE
path: ./LICENSE
if-no-files-found: error
- name: Read the manual pages
uses: actions/upload-artifact@v4
with:
name: etime_${{ env.version }}_man.1
path: ./etime.1
if-no-files-found: error
- name: Write welcoming markdown
uses: actions/upload-artifact@v4
with:
name: etime_${{ env.version }}_README.md
path: ./README.md
if-no-files-found: error
- name: Cache the moments
uses: actions/cache/save@v4
if: always()
with:
path: ./dist
key: snapshots-${{ github.sha }}
artifacts:
name: Share the artifacts
needs:
- snapshot
- version
runs-on: ubuntu-latest
env:
version: ${{ needs.version.outputs.version }}
strategy:
matrix:
target:
- darwin_arm64.tar.gz
- darwin_x86_64.tar.gz
- linux_arm64.tar.gz
- linux_i386.tar.gz
- linux_x86_64.tar.gz
- windows_arm64.zip
- windows_i386.zip
- windows_x86_64.zip
steps:
- name: Checkout the repo
uses: actions/checkout@v4
- name: Restore cached snapshots
uses: actions/cache/restore@v4
with:
path: ./dist
key: snapshots-${{ github.sha }}
- name: Upload a snapshot
uses: actions/upload-artifact@v4
with:
name: etime_${{ env.version }}_${{ matrix.target }}
path: ./dist/etime_${{ env.version }}_${{ matrix.target }}
if-no-files-found: error
notify:
name: Post a notification
needs: artifacts
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Leave a comment
run: |
PR_COMMENT="Latest builds: https://github.com/$GH_REPO/actions/runs/$GH_RUN_ID"
PR_REF="${{ github.ref_name }}"
if [[ $PR_REF == *"/merge" ]]; then
PR_REF="${PR_REF%%/merge}"
fi
if ! gh pr comment "$PR_REF" --repo "$GH_REPO" --edit-last --body "$PR_COMMENT"; then
gh pr comment "$PR_REF" --repo "$GH_REPO" --body "$PR_COMMENT"
fi
env:
GH_TOKEN: ${{ github.token }}
GH_REPO: ${{ github.repository }}
GH_RUN_ID: ${{ github.run_id }}
release:
name: Distribute a release
needs: version
if: ${{ startsWith(github.ref, 'refs/tags/') }}
runs-on: macos-latest
env:
version: ${{ needs.version.outputs.version }}
steps:
- name: Checkout the repo
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Secure the keychain
run: |
echo $CERTIFICATE_P12 | base64 --decode > certificate.p12
security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain
security import certificate.p12 -k build.keychain -P $CERTIFICATE_PASSWORD -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain
env:
CERTIFICATE_P12: ${{ secrets.CERTIFICATE_P12 }}
CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
- name: Install a flaked Nix
uses: DeterminateSystems/nix-installer-action@v16
- name: Create releases
run: nix develop .#gon -c goreleaser release --clean --config .goreleaser.release.yml
env:
AC_USERNAME: ${{ secrets.AC_USERNAME }}
AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
AC_PROVIDER: ${{ secrets.AC_PROVIDER }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Include documentation
run: |
gh release upload ${{ env.version }} CHANGELOG.md#etime_${{ env.version }}_CHANGELOG.md
gh release upload ${{ env.version }} LICENSE#etime_${{ env.version }}_LICENSE
gh release upload ${{ env.version }} etime.1#etime_${{ env.version }}_man.1
gh release upload ${{ env.version }} README.md#etime_${{ env.version }}_README.md
env:
GH_TOKEN: ${{ github.token }}