From 029a68723d5b98df895bcca25f7be4a421f218f8 Mon Sep 17 00:00:00 2001 From: Arthur Amstutz Date: Mon, 8 Jul 2024 14:46:21 +0000 Subject: [PATCH] fix: Release workflow + goreleaser --- .github/workflows/release.yml | 61 ++++++++++++++++------------------- .goreleaser.yml | 15 +++------ CHANGELOG.md | 2 +- 3 files changed, 33 insertions(+), 45 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 62b420c28..c08bd95f2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,49 +1,42 @@ -# This GitHub action can publish assets for release when a tag is created. -# Currently its setup to run on any tag that matches the pattern "v*" (ie. v0.1.0). -# -# This uses an action (paultyng/ghaction-import-gpg) that assumes you set your -# private key in the `GPG_PRIVATE_KEY` secret and passphrase in the `PASSPHRASE` -# secret. If you would rather own your own GPG handling, please fork this action -# or use an alternative one for key handling. -# -# You will need to pass the `--batch` flag to `gpg` in your signing step -# in `goreleaser` to indicate this is being used in a non-interactive mode. -# + +# Terraform Provider release workflow. name: release + +# This GitHub action creates a release when a tag that matches the pattern +# "v*" (e.g. v0.1.0) is created. on: push: tags: - 'v*' - workflow_dispatch: + +# Releases need permissions to read and write the repository contents. +# GitHub considers creating releases and uploading assets as writing contents. +permissions: + contents: write jobs: goreleaser: - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest steps: - - - name: Checkout - uses: actions/checkout@v2 - - - name: Unshallow - run: git fetch --prune --unshallow - - - name: Set up Go - uses: actions/setup-go@v2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: - go-version: '1.21' - - - name: Import GPG key + # Allow goreleaser to access older tag information. + fetch-depth: 0 + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 + with: + go-version-file: 'go.mod' + cache: true + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 id: import_gpg - uses: yanndegat/ghaction-import-gpg@v2.1.1-testkeygrips - env: - GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} - PASSPHRASE: ${{ secrets.PASSPHRASE }} - - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v2 with: - version: latest + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 + with: args: release --clean env: - GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} + # GitHub sets the GITHUB_TOKEN secret automatically. GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} \ No newline at end of file diff --git a/.goreleaser.yml b/.goreleaser.yml index 77bb1af15..2129a9be6 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,5 +1,6 @@ # Visit https://goreleaser.com for documentation on how to customize this # behavior. +version: 2 before: hooks: # this is just an example and not a requirement for provider building/publishing @@ -7,7 +8,7 @@ before: builds: - env: # goreleaser does not work with CGO, it could also complicate - # usage by users in CI/CD systems like Terraform Cloud where + # usage by users in CI/CD systems like HCP Terraform where # they are unable to install libraries. - CGO_ENABLED=0 mod_timestamp: '{{ .CommitTimestamp }}' @@ -28,8 +29,6 @@ builds: ignore: - goos: darwin goarch: '386' - - goos: windows - goarch: 'arm64' binary: '{{ .ProjectName }}_v{{ .Version }}' archives: - format: zip @@ -40,13 +39,9 @@ checksum: signs: - artifacts: checksum args: - # if you are using this is a GitHub action or some other automated pipeline, you + # if you are using this in a GitHub action or some other automated pipeline, you # need to pass the batch flag to indicate its not interactive. - "--batch" - - "--yes" - - "--no-tty" - - "--pinentry-mode" - - "loopback" - "--local-user" - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key - "--output" @@ -54,7 +49,7 @@ signs: - "--detach-sign" - "${artifact}" release: - # If you want to manually examine the release before its live, uncomment this line: + # If you want to manually examine the release before its live, uncomment this line: # draft: true changelog: - skip: true + disable: true \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index fa894c703..de61d20a6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,4 @@ -## 0.46.0 (July 8, 2024) +## 0.46.1 (July 8, 2024) 🎉 Features: