Skip to content

release

release #5

Workflow file for this run

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
---
name: πŸš€ Release
on:
repository_dispatch:
types: [release]
permissions:
contents: read
jobs:
release:
name: πŸš€ Release
runs-on: ubuntu-latest
permissions:
id-token: write
contents: write
attestations: write
environment:
name: release
steps:
- name: ‡️ Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# Allow goreleaser to access older tag information.
fetch-depth: 0
ref: "refs/tags/${{ github.event.client_payload.tag }}"
- name: 🚧 Setup Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: go.mod
cache: true
- name: πŸ” Import GPG key
uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
id: import-gpg
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}
- name: 🚧 Setup Syft
uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7
- name: πŸš€ Run GoReleaser
uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0
with:
version: "~> v2"
args: release --clean --release-notes=".changes/${{ github.event.client_payload.tag }}.md" --verbose
env:
GITHUB_TOKEN: ${{ github.token }}
GPG_FINGERPRINT: ${{ steps.import-gpg.outputs.fingerprint }}
GORELEASER_CURRENT_TAG: ${{ github.event.client_payload.tag }}
- name: πŸ“ Attest Archives
uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4
with:
subject-path: |
dist/*.zip