launchdarkly · monsagri · Feb 27, 2023 · Feb 27, 2023
@@ -1,5 +1,10 @@
 # Visit https://goreleaser.com for documentation on how to customize this
 # behavior.
+# TODO: Figure out why this won't grab the correct dir off env
+# dist: {{ .Env.LD_RELEASE_ARTIFACTS_DIR }} // fails with  unmarshal errors: cannot unmarshal !!map into string
+# dist: "{{ .Env.LD_RELEASE_ARTIFACTS_DIR }}" // Doesn't replace the variable with actual value
+# Below is the default that project-releaser sets - we can probably leave this hardcoded for now as it won't change
+dist: /tmp/project-releaser/artifacts
 before:
   hooks:
     # this is just an example and not a requirement for provider building/publishing
@@ -48,7 +53,7 @@ signs:
       - "--detach-sign"
       - "${artifact}"
 release:
-  # Visit your project's GitHub Releases page to publish this release.
-  draft: true
+  # Actually creating the release is handled by project-releaser
+  disable: true
 changelog:
   skip: true
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -ue
+
+echo "Skipping build step as we want to build artifacts after tagging in the publish step"
@@ -0,0 +1,18 @@
+version: 2
+
+repo:
+  public: terraform-provider-launchdarkly
+  private: terraform-provider-launchdarkly-private
+
+jobs:
+  - docker:
+      image: golang:1.18-buster
+      copyGitHistory: true
+    template:
+      name: go
+      # We run the tests as part of every merge
+      skip:
+        - test
+
+branches:
+  - name: main
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -ue
+# Prep for getting goreleaser
+echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | tee /etc/apt/sources.list.d/goreleaser.list
+apt-get update
+# Get goreleaser and gnupg
+apt-get install -y --no-install-recommends \
+    goreleaser \
+    gnupg \
+; \
+
+# Get GPG Key
+echo -e "$(cat "${LD_RELEASE_SECRETS_DIR}/gpg_private_key")" | gpg --import --batch --no-tty
+echo "hello world" > temp.txt
+gpg --detach-sig --yes -v --output=/dev/null --pinentry-mode loopback --passphrase "$(cat "${LD_RELEASE_SECRETS_DIR}/gpg_passphrase")" temp.txt
+rm temp.txt
+# Set it to env
+export GPG_FINGERPRINT=$(gpg --with-colons --list-keys | awk -F: '/^pub/ { print $5 }')
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -ue
+
+# Run goreleaser
+# We can't run in the build step, as project-releaser only tags the commit after the build step finishes and goreleaser pulls the tag off the most recent commit
+GPG_FINGERPRINT=$(gpg --with-colons --list-keys | awk -F: '/^pub/ { print $5 }') GITHUB_TOKEN="$(cat "${LD_RELEASE_SECRETS_DIR}/github_token")" LD_RELEASE_ARTIFACTS_DIR="${LD_RELEASE_ARTIFACTS_DIR}" goreleaser release --clean --snapshot
+
+# Remove extra files that we don't want in our release
+rm /tmp/project-releaser/artifacts/artifacts.json
+rm /tmp/project-releaser/artifacts/metadata.json
+rm /tmp/project-releaser/artifacts/config.yaml
+# Remove the binaries themselves as goreleaser puts them in subfolders
+# We only want to keep the .zip files to release
+rm -rf /tmp/project-releaser/artifacts/*/
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -ue
+
+# Run goreleaser
+# We can't run in the build step, as project-releaser only tags the commit after the build step finishes and goreleaser pulls the tag off the most recent commit
+GPG_FINGERPRINT=$(gpg --with-colons --list-keys | awk -F: '/^pub/ { print $5 }') GITHUB_TOKEN="$(cat "${LD_RELEASE_SECRETS_DIR}/github_token")" goreleaser release --clean --release-notes ../entry.tmp
+
+# Remove extra files that we don't want in our release
+rm /tmp/project-releaser/artifacts/artifacts.json
+rm /tmp/project-releaser/artifacts/metadata.json
+rm /tmp/project-releaser/artifacts/config.yaml
+# Remove the binaries themselves as goreleaser puts them in subfolders
+# We only want to keep the .zip files to release
+rm -rf /tmp/project-releaser/artifacts/*/
@@ -0,0 +1,4 @@
+gpg_private_key=blob:/terraform-provider/private.pgp
+gpg_passphrase=param:/production/common/releasing/terraform-provider/gpg-passphrase
+# This token is the default config token for the releaser, set in it's releaser.conf
+github_token=param:/staging/common/services/github/releaser_access_token