release #5
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Creates a GitHub Release. | |
| # Workflow is manually run. | |
| # Preselect branch or tag before running this workflow. | |
| name: release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| prerelease: | |
| description: "Mark this release as a prerelease" | |
| required: true | |
| default: true | |
| type: boolean | |
| make-latest: | |
| description: "Latest release" | |
| required: true | |
| default: false | |
| type: boolean | |
| permissions: | |
| contents: write | |
| id-token: write | |
| packages: write | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| env: | |
| DOCKER_CLI_EXPERIMENTAL: "enabled" | |
| strategy: | |
| matrix: | |
| release_os: | |
| - darwin | |
| - freebsd | |
| - illumos | |
| - linux | |
| - netbsd | |
| - openbsd | |
| - solaris | |
| - windows | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Required by GoRelease | |
| - name: Golang Setup | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "^1.23.3" | |
| - name: go-check | |
| run: go version | |
| # Supports syft/sbom generation | |
| - uses: anchore/sbom-action/download-syft@v0 | |
| # Supports Buildx | |
| - name: Qemu Setup | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Buildx Setup | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Cosign Install | |
| uses: sigstore/cosign-installer@v3 | |
| #- name: GPG Import | |
| # id: gpg-import | |
| # uses: crazy-max/ghaction-import-gpg@v6 | |
| # with: | |
| # gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| # passphrase: ${{ secrets.GPG_PASSWORD }} | |
| - name: Cache Setup | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ./dist/**/openbao-plugin-auth-openhorizon | |
| ./dist/**/*.exe | |
| ./dist/*.tar.gz | |
| ./dist/*.tar.gz.zst | |
| ./dist/*.zip | |
| key: ${{ github.ref }} | |
| - name: "GoReleaser: Release" | |
| if: startsWith(github.ref, 'refs/tags/') | |
| uses: goreleaser/goreleaser-action@v6 | |
| with: | |
| distribution: goreleaser | |
| version: "~> v2" | |
| args: release --clean --timeout=60m --verbose --parallelism 2 | |
| env: | |
| RELEASE_BUILD_GOOS: ${{ matrix.release_os }} | |
| COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| #GPG_FINGERPRINT: ${{ steps.gpg-import.outputs.fingerprint }} | |
| #GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| GITHUB_RELEASE_PRERELEASE: ${{ inputs.prerelease }} | |
| GITHUB_RELEASE_MAKE_LATEST: ${{ inputs.make-latest }} | |
| GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }} | |
| #NFPM_DEFAULT_PASSPHRASE: ${{ secrets.GPG_PASSWORD }} | |
| #- name: Remove GPG Signing Key File | |
| # if: always() | |
| # run: | | |
| # if [ -n "${GPG_KEY_FILE}" ]; then | |
| # rm -rf "${GPG_KEY_FILE}" | |
| # fi | |
| - name: "Check free space on runner" | |
| run: | | |
| df -h . |