diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 294c7247f..87d37fe1a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,52 +8,32 @@ on: env: BUILD_TAGS: 'akscluster cluster clustergroup credential ekscluster gitrepository iampolicy kustomization namespace custompolicy imagepolicy networkpolicy quotapolicy securitypolicy sourcesecret workspace tanzupackage tanzupackages packagerepository packageinstall clustersecret integration mutationpolicy backupschedule targetlocation dataprotection tanzukubernetescluster clusterclass managementcluster provisioner inspections custompolicytemplate customiamrole permissiontemplate' +permissions: + contents: write + jobs: goreleaser: runs-on: ubuntu-latest steps: - - - name: Checkout - uses: actions/checkout@v4 + - name: Checkout Repository + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: 1.19 - - - name: golangci-lint - uses: golangci/golangci-lint-action@v6 + - name: Setup Go + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - version: v1.48.0 - args: --issues-exit-code=1 - skip-pkg-cache: true - skip-build-cache: true - - - - name: unit-test - run: | - go test -v ./... -cover - - - - name: mock-test - run: | - go test -v ./... -tags $BUILD_TAGS - - - - name: Import GPG key + go-version-file: 'go.mod' + - name: Import GPG Key id: import_gpg - uses: crazy-max/ghaction-import-gpg@v2 - env: - GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} - PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} - - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v2 + uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY2 }} + passphrase: ${{ secrets.GPG_PASSPHRASE2 }} + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 with: version: latest - args: release --rm-dist --release-header .goreleaser.tmpl + args: release --clean --timeout 60m --release-header-tmpl .goreleaser.tmpl env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} diff --git a/.goreleaser.yml b/.goreleaser.yml index ccbfcef42..f23c39b86 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,5 +1,5 @@ -# Visit https://goreleaser.com for documentation on how to customize this -# behavior. +version: 2 + before: hooks: # this is just an example and not a requirement for provider building/publishing @@ -33,12 +33,15 @@ archives: - format: zip name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' checksum: + extra_files: + - glob: 'terraform-registry-manifest.json' + name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json' name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS' algorithm: sha256 signs: - artifacts: checksum args: - # if you are using this is a GitHub action or some other automated pipeline, you + # if you are using this in a GitHub action or some other automated pipeline, you # need to pass the batch flag to indicate its not interactive. - "--batch" - "--local-user" @@ -48,13 +51,10 @@ signs: - "--detach-sign" - "${artifact}" release: - # Visit your project's GitHub Releases page to publish this release. - draft: true + extra_files: + - glob: 'terraform-registry-manifest.json' + name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json' + # If you want to manually examine the release before its live, uncomment this line: + # draft: true changelog: - filters: - exclude: - - '^docs:' - - '^test:' - - Merge pull request - - Merge branch - - go mod tidy + disable: true