Skip to content

Commit

Permalink
Merge pull request #5 from egibs/release-automation
Browse files Browse the repository at this point in the history
Create releases via macos-latest + GoReleaser
  • Loading branch information
egibs authored Aug 14, 2024
2 parents 2267622 + a001f70 commit c2dfe52
Show file tree
Hide file tree
Showing 3 changed files with 119 additions and 135 deletions.
67 changes: 29 additions & 38 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
@@ -1,45 +1,36 @@
name: Cut Release
name: release

# run only on tags
on:
workflow_dispatch:
push:
tags:
- 'v*'

permissions:
id-token: write
contents: write

env:
VERSION_FILE: pkg/version/version.go
id-token: write # needed for federation
contents: write # needed to write releases

jobs:
tag:
if: ${{ github.repository }} == 'chainguard-dev/bincapz'
runs-on: ubuntu-latest
release:
if: github.ref_type == 'tag'
runs-on: macos-latest
steps:
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: chainguard-dev/actions/setup-gitsign@e82b4e5ae10182af72972addcb3fedf7454621c8
- name: Get Version
id: get-version
run: |
VERSION=$(awk -F'"' '/ID string =/ {print $2}' ${{ env.VERSION_FILE }})
if [[ ! "${VERSION}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Error: VERSION is not a valid semver"
exit 1
fi
echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT"
- name: Create Release
env:
GH_TOKEN: ${{ github.token }}
if: ${{ steps.get-version.outputs.VERSION != '' }}
run: |
VERSION=${{ steps.get-version.outputs.VERSION }}
if [[ ! "${VERSION}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Error: VERSION is not a valid semver"
exit 1
fi
git config --global tag.gpgsign true
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
gh release create "$VERSION" --title "$VERSION" --notes "Release $VERSION" --draft
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
fetch-depth: 0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version: go.mod
cache: true
- uses: goto-bus-stop/setup-zig@7ab2955eb728f5440978d5824358023be3a2802d
- name: Set output
id: macos_sdk
run: echo "path=$(xcrun --show-sdk-path)" >> $GITHUB_OUTPUT
- uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200
with:
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SDK_PATH: ${{ steps.macos_sdk.outputs.path }}
VERSION: ${{ github.ref_name }}
83 changes: 0 additions & 83 deletions .github/workflows/version.yaml

This file was deleted.

104 changes: 90 additions & 14 deletions .goreleaser.yaml
Original file line number Diff line number Diff line change
@@ -1,28 +1,104 @@
# Sourced and adapted from https://github.com/goreleaser/goreleaser-example-zig-cgo/blob/master/.goreleaser.yaml
project_name: bincapz

before:
hooks:
- go mod tidy

builds:
- id: bincapz-build
binary: bincapz
main: ./
- id: bincapz-macos-build
goos:
- darwin
- linux
- windows
- darwin
goarch:
- amd64
- arm64
ldflags:
- -s -w
- -X main.BuildVersion={{.Env.VERSION}}
flags:
- -trimpath
mod_timestamp: '{{ .CommitTimestamp }}'
- -trimpath
- -buildmode=pie
env:
- CGO_ENABLED=1
- >-
{{- if eq .Os "darwin" }}
{{- if eq .Arch "amd64"}}CC=zig c -target x86_64-macos-none -F{{ .Env.SDK_PATH }}/System/Library/Frameworks{{- end }}
{{- if eq .Arch "arm64"}}CC=zig c -target aarch64-macos-none -F{{ .Env.SDK_PATH }}/System/Library/Frameworks{{- end }}
{{- end }}
- >-
{{- if eq .Os "darwin" }}
{{- if eq .Arch "amd64"}}CC=zig c++ -target x86_64-macos-none -F{{ .Env.SDK_PATH }}/System/Library/Frameworks{{- end }}
{{- if eq .Arch "arm64"}}CC=zig c++ -target aarch64-macos-none -F{{ .Env.SDK_PATH }}/System/Library/Frameworks{{- end }}
{{- end }}
- id: bincapz-linux-build
goos:
- linux
goarch:
- amd64
- arm64
ldflags:
- -s -w
- -X main.BuildVersion={{.Env.VERSION}}
flags:
- -trimpath
env:
- CGO_ENABLED=1
- >-
{{- if eq .Os "linux" }}
{{- if eq .Arch "amd64" }}CC=zig c -target x86_64-linux-musl{{- end }}
{{- if eq .Arch "arm64"}}CC=zig c -target aarch64-linux-musl{{- end }}
{{- end }}
- >-
{{- if eq .Os "linux" }}
{{- if eq .Arch "amd64" }}CC=zig c++ -target x86_64-linux-musl{{- end }}
{{- if eq .Arch "arm64"}}CC=zig c++ -target aarch64-linux-musl{{- end }}
{{- end }}
- id: bincapz-windows-build
goos:
- windows
goarch:
- amd64
- arm64
ldflags:
- -X main.BuildVersion={{.Version}}
- -s -w
- -X main.BuildVersion={{.Env.VERSION}}
flags:
- -trimpath
env:
- CGO_ENABLED=1
- >-
{{- if eq .Os "windows" }}
{{- if eq .Arch "amd64" }}CC=zig c -target x86_64-windows-gnu{{- end }}
{{- if eq .Arch "arm64"}}CC=zig c -target aarch64-windows-gnu{{- end }}
{{- end }}
- >-
{{- if eq .Os "windows" }}
{{- if eq .Arch "amd64" }}CC=zig c++ -target x86_64-windows-gnu{{- end }}
{{- if eq .Arch "arm64"}}CC=zig c++ -target aarch64-windows-gnu{{- end }}
{{- end }}
archives:
- format: tar.gz
# this name template makes the OS and Arch compatible with the results of uname.
name_template: >-
{{ .ProjectName }}_
{{- title .Os }}_
{{- if eq .Arch "amd64" }}x86_64
{{- else if eq .Arch "386" }}i386
{{- else }}{{ .Arch }}{{ end }}
{{- if .Arm }}v{{ .Arm }}{{ end }}
# use zip for windows archives
format_overrides:
- goos: windows
format: zip
checksum:
name_template: 'checksums.txt'

changelog:
sort: asc

snapshot:
name_template: "{{ incpatch .Version }}-next"
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'

0 comments on commit c2dfe52

Please sign in to comment.