From 17ffc37d4acee17210319c1c7c0fb2f7cce83054 Mon Sep 17 00:00:00 2001 From: Forrest Evans Date: Fri, 6 Oct 2023 14:29:18 -0700 Subject: [PATCH] scaffold release yaml --- .github/workflows/release.yml | 52 ++++++++++++++++++++-------------- .github/workflows/test.yml | 53 ++++++++++++++++++++--------------- 2 files changed, 61 insertions(+), 44 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b1a32dea3..33fdbdd1b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,41 +1,51 @@ -# Terraform Provider release workflow. -name: Release - -# This GitHub action creates a release when a tag that matches the pattern -# "v*" (e.g. v0.1.0) is created. +# This GitHub action can publish assets for release when a tag is created. +# Currently its setup to run on any tag that matches the pattern "v*" (ie. v0.1.0). +# +# This uses an action (crazy-max/ghaction-import-gpg) that assumes you set your +# private key in the `GPG_PRIVATE_KEY` secret and passphrase in the `PASSPHRASE` +# secret. If you would rather own your own GPG handling, please fork this action +# or use an alternative one for key handling. +# +# You will need to pass the `--batch` flag to `gpg` in your signing step +# in `goreleaser` to indicate this is being used in a non-interactive mode. +# +name: release on: push: tags: - 'v*' - -# Releases need permissions to read and write the repository contents. -# GitHub considers creating releases and uploading assets as writing contents. permissions: contents: write - jobs: goreleaser: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - # Allow goreleaser to access older tag information. - fetch-depth: 0 - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - + name: Checkout + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - + name: Unshallow + run: git fetch --prune --unshallow + - + name: Set up Go + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: go-version-file: 'go.mod' cache: true - - name: Import GPG key - uses: crazy-max/ghaction-import-gpg@82a020f1f7f605c65dd2449b392a52c3fcfef7ef # v6.0.0 + - + name: Import GPG key + uses: crazy-max/ghaction-import-gpg@111c56156bcc6918c056dbef52164cfa583dc549 # v5.2.0 id: import_gpg with: gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} passphrase: ${{ secrets.PASSPHRASE }} - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0 + - + name: Run GoReleaser + uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b # v4.2.0 with: - args: release --clean + version: latest + args: release --rm-dist env: - # GitHub sets the GITHUB_TOKEN secret automatically. - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} + # GitHub sets this automatically + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 41bc6ce6b..45fe0cc46 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,8 +1,7 @@ -# Terraform Provider testing workflow. +# This GitHub action runs your tests for each commit push and/or PR. Optionally +# you can turn it on using a cron schedule for regular testing. +# name: Tests - -# This GitHub action runs your tests for each pull request and push. -# Optionally, you can turn it on using a schedule for regular testing. on: pull_request: paths-ignore: @@ -10,35 +9,43 @@ on: push: paths-ignore: - 'README.md' - -# Testing only needs permissions to read the repository contents. -permissions: - contents: read - + # For systems with an upstream API that could drift unexpectedly (like most SaaS systems, etc.), + # we recommend testing at a regular interval not necessarily tied to code changes. This will + # ensure you are alerted to something breaking due to an API change, even if the code did not + # change. + # schedule: + # - cron: '0 13 * * *' jobs: - # Ensure project builds before running testing matrix + # ensure the code builds... build: name: Build runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 - with: - go-version-file: 'go.mod' - cache: true - - run: go mod download - - run: go build -v . - - name: Run linters - uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0 - with: - version: latest + + - name: Check out code into the Go module directory + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + + - name: Set up Go + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 + with: + go-version-file: 'go.mod' + cache: true + id: go + + - name: Get dependencies + run: | + go mod download + + - name: Build + run: | + go build -v . generate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: go-version-file: 'go.mod' cache: true