-
Notifications
You must be signed in to change notification settings - Fork 0
125 lines (117 loc) · 3.65 KB
/
reusable-goreleaser.yaml
File metadata and controls
125 lines (117 loc) · 3.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: reusable-goreleaser
on:
workflow_call:
inputs:
go-version:
required: false
type: string
default: ">=1.25.8"
goreleaser-args:
required: false
type: string
default: "release --clean"
publish-package-repo:
required: false
type: boolean
default: false
package-name:
required: false
type: string
default: ""
package-repo-prefix:
required: false
type: string
default: ""
package-repo-label:
required: false
type: string
default: ""
package-public-key-name:
required: false
type: string
default: ""
gcp-project:
required: false
type: string
default: ""
workload-identity-provider:
required: false
type: string
default: ""
service-account:
required: false
type: string
default: ""
gcs-bucket:
required: false
type: string
default: ""
aptly-gpg-key-id:
required: false
type: string
default: ""
aptly-gpg-private-key-secret:
required: false
type: string
default: "aptly-gpg-private-key"
aptly-gpg-passphrase-secret:
required: false
type: string
default: "aptly-gpg-passphrase"
permissions:
contents: write
id-token: write
jobs:
goreleaser:
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
with:
go-version: ${{ inputs.go-version }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6
with:
distribution: goreleaser
version: latest
args: ${{ inputs.goreleaser-args }}
env:
GITHUB_TOKEN: ${{ secrets.HOMEBREW_REPO }}
- name: Authenticate to Google Cloud
if: ${{ inputs.publish-package-repo }}
uses: google-github-actions/auth@c200f3691d83b41bf9bbd8638997a462592937ed # v2
with:
workload_identity_provider: ${{ inputs.workload-identity-provider }}
service_account: ${{ inputs.service-account }}
create_credentials_file: true
- name: Checkout Package Publisher
if: ${{ inputs.publish-package-repo }}
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
with:
repository: libops/terraform-linux-packages
ref: main
path: .libops-packages
- name: Publish Linux package repository
if: ${{ inputs.publish-package-repo }}
shell: bash
working-directory: .libops-packages
env:
GH_TOKEN: ${{ github.token }}
GCLOUD_PROJECT: ${{ inputs.gcp-project }}
GCS_BUCKET: ${{ inputs.gcs-bucket }}
APTLY_GPG_KEY_ID: ${{ inputs.aptly-gpg-key-id }}
APTLY_GPG_PRIVATE_KEY_SECRET: ${{ inputs.aptly-gpg-private-key-secret }}
APTLY_GPG_PASSPHRASE_SECRET: ${{ inputs.aptly-gpg-passphrase-secret }}
run: |
set -euo pipefail
make package \
GITHUB_REPOSITORY="${GITHUB_REPOSITORY}" \
PACKAGE_NAME="${{ inputs.package-name }}" \
GCS_BUCKET_PREFIX="${{ inputs.package-repo-prefix }}" \
APTLY_LABEL="${{ inputs.package-repo-label }}" \
APTLY_PUBLIC_KEY_NAME="${{ inputs.package-public-key-name }}" \
RELEASE_VERSION="${GITHUB_REF_NAME}"