forked from ossf/scorecard
58 lines (55 loc) · 1.89 KB
/
goreleaser.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# Copyright 2021 Security Scorecard Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: goreleaser
on:
push:
tags:
- "*" # triggers only if push new tag version, like `0.8.4` or else
jobs:
goreleaser:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
-
name: Checkout
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.3.4
with:
fetch-depth: 0
-
name: Set up Go
uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0
with:
go-version: 1.17
-
name: Configure ldflags
id: ldflags
run: echo "::set-output name=version_flags::$(./scripts/version-ldflags)"
-
name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@b7c9a01276e14c606a92f6cbeb4dd439bea001b5 # v3.1.0
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
-
name: Run GoReleaser
uses: goreleaser/goreleaser-action@b953231f81b8dfd023c58e0854a721e35037f28b # v2.5.0
with:
version: latest
args: release --rm-dist
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
VERSION_LDFLAGS: ${{ steps.ldflags.outputs.version_flags }}