Skip to content

release

release #3

Workflow file for this run

name: release
on:
push:
tags:
- "*"
workflow_dispatch:
inputs:
tag:
description: The tag to run against. This trigger runs the GoReleaser and MSI builder.
required: true
jobs:
release:
name: release
strategy:
# the goreleaser and the Github release API doesn't handle concurrent
# access well, so run goreleaser serially
max-parallel: 1
matrix:
os:
- ubuntu-latest
- ubuntu-20.04
- macos-latest
runs-on: ${{ matrix.os }}
if: github.event_name != 'workflow_dispatch'
permissions: write-all
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version-file: "go.mod"
- name: Install dependency required for linux builds
if: matrix.os == 'ubuntu-20.04'
run: sudo apt-get update && sudo apt-get install -y libudev-dev
- name: Add Lowercase Repository Name to Environment
run: |
echo REPOSITORY_NAME_LOWERCASE=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV
- uses: "docker/login-action@v3"
if: matrix.os == 'ubuntu-20.04'
with:
registry: "ghcr.io"
username: "${{ github.actor }}"
password: "${{ secrets.GITHUB_TOKEN }}"
- name: GoReleaser
uses: goreleaser/goreleaser-action@v6
with:
version: latest
args: release --clean --config .goreleaser.${{ matrix.os }}.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
IMAGE_NAME: ${{ env.REPOSITORY_NAME_LOWERCASE }}
windows-msi:
name: Build Windows MSI and upload to release
runs-on: ubuntu-latest
permissions:
contents: write
needs: [release]
if: >- # https://github.com/actions/runner/issues/491
always() &&
(needs.release.result == 'success' || needs.release.result == 'skipped')
env:
INSTALLER: ${{ github.workspace }}/.github/win-msi
BIN: ${{ github.workspace }}/.github/win-msi/src/bin
WIXIMG: dactiv/wix@sha256:17d232708589641f5632f9a1ff9463ad087b192cea7b8e6012d2b47ec6af5f6c
steps:
- name: Normalize tag values
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]] ; then
VER=${{ github.event.inputs.tag }}
else
VER=${GITHUB_REF/refs\/tags\//}
fi
VERSION=${VER//v}
echo "VER_TAG=$VER" >> $GITHUB_ENV
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "ASSET=saml2aws_${VERSION}_windows_amd64.zip" >> $GITHUB_ENV
- name: Check out code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Retrieve the release asset
id: asset
uses: robinraju/release-downloader@a96f54c1b5f5e09e47d9504526e96febd949d4c2 # v1.11
with:
repository: ${{ github.repository }}
tag: ${{ env.VER_TAG }}
fileName: ${{ env.ASSET }}
out-file-path: ${{ env.BIN }}
- name: Unzip asset
working-directory: ${{ env.BIN }}
run: unzip "${ASSET}"
- name: Build MSI
run: |
# container does not run as root
chmod -R o+rw "${INSTALLER}"
cat "${INSTALLER}/wix.sh" | docker run --rm -i -e VERSION -v "${INSTALLER}:/wix" ${WIXIMG} /bin/sh
- name: Upload the asset to the release
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v0.2.0.8.2.0.85 / v2.0.8
with:
tag_name: ${{ env.VER_TAG }}
files: ${{ env.INSTALLER }}/out/*.msi
chocolatey:
name: Deploy to chocolatey
runs-on: windows-latest
permissions:
contents: write
needs: [release]
if: >- # https://github.com/actions/runner/issues/491
always() &&
(needs.release.result == 'success' || needs.release.result == 'skipped')
steps:
- name: Normalize tag values
shell: bash
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]] ; then
VER=${{ github.event.inputs.tag }}
else
VER=${GITHUB_REF/refs\/tags\//}
fi
VERSION=${VER//v}
echo "VER_TAG=$VER" >> $GITHUB_ENV
echo "VERSION=$VERSION" >> $GITHUB_ENV
- name: Check out code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup PowerShell module cache
id: cacher
uses: actions/cache@v3
with:
path: "C:\\Users\\runneradmin\\Documents\\PowerShell\\Modules"
key: ${{ runner.os }}-InvokeBuild
- name: Install required PowerShell modules
if: steps.cacher.outputs.cache-hit != 'true'
shell: pwsh
run: |
Set-PSRepository PSGallery -InstallationPolicy Trusted
Install-Module InvokeBuild -ErrorAction Stop
- name: Invoke build script
env:
appName: saml2aws
shell: pwsh
run: Invoke-Build
- name: Deploy
shell: pwsh
env:
CHOCOLATEY_API_KEY: ${{ secrets.CHOCOLATEY_API_KEY }}
VERSION: ${{ env.VERSION }}
run: |
choco apikey --key "$env:CHOCOLATEY_API_KEY" --source "https://push.chocolatey.org/"
choco push ./choco/saml2aws.${env:VERSION}.nupkg --source "https://push.chocolatey.org/"