feat: allowlist commands (#767) #104
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow is for canary releases, automatically triggered by push to v1.0 branch. | |
| # This workflow is identical to "release.yml" with these exceptions: | |
| # - Triggered by push to v1.0 branch | |
| # - Github Release tagged as "canary" | |
| on: | |
| push: | |
| paths-ignore: | |
| - 'docs/**' | |
| branches: | |
| - main | |
| name: Canary | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| # ------------------------------------ | |
| # 1) Build CLI for multiple OS/Arch | |
| # ------------------------------------ | |
| build-cli: | |
| uses: ./.github/workflows/build-cli.yml | |
| # ------------------------------------ | |
| # 2) Upload Install CLI Script (we only need to do this once) | |
| # ------------------------------------ | |
| install-script: | |
| name: Upload Install Script | |
| runs-on: ubuntu-latest | |
| needs: [ build-cli ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: download_cli.sh | |
| path: download_cli.sh | |
| # ------------------------------------------------------------ | |
| # 3) Bundle Desktop App (macOS only) - builds goosed and Electron app | |
| # ------------------------------------------------------------ | |
| bundle-desktop: | |
| uses: ./.github/workflows/bundle-desktop.yml | |
| with: | |
| signing: true | |
| secrets: | |
| CERTIFICATE_OSX_APPLICATION: ${{ secrets.CERTIFICATE_OSX_APPLICATION }} | |
| CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }} | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| # ------------------------------------ | |
| # 4) Create/Update GitHub Release | |
| # ------------------------------------ | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| needs: [ build-cli, install-script, bundle-desktop ] | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Download all artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| # Create/update the canary release | |
| - name: Release canary | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| tag: canary | |
| name: Canary | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| artifacts: | | |
| goose-*.tar.bz2 | |
| Goose*.zip | |
| download_cli.sh | |
| allowUpdates: true | |
| omitBody: true | |
| omitPrereleaseDuringUpdate: true |