release #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
push: | |
tags: | |
- "*" | |
workflow_dispatch: | |
inputs: | |
tag: | |
description: The tag to run against. This trigger runs the GoReleaser and MSI builder. | |
required: true | |
jobs: | |
release: | |
name: release | |
strategy: | |
# the goreleaser and the Github release API doesn't handle concurrent | |
# access well, so run goreleaser serially | |
max-parallel: 1 | |
matrix: | |
os: | |
- ubuntu-latest | |
- ubuntu-20.04 | |
- macos-latest | |
runs-on: ${{ matrix.os }} | |
if: github.event_name != 'workflow_dispatch' | |
permissions: write-all | |
steps: | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go 1.x | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
- name: Install dependency required for linux builds | |
if: matrix.os == 'ubuntu-20.04' | |
run: sudo apt-get update && sudo apt-get install -y libudev-dev | |
- name: Add Lowercase Repository Name to Environment | |
run: | | |
echo REPOSITORY_NAME_LOWERCASE=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV | |
- uses: "docker/login-action@v3" | |
if: matrix.os == 'ubuntu-20.04' | |
with: | |
registry: "ghcr.io" | |
username: "${{ github.actor }}" | |
password: "${{ secrets.GITHUB_TOKEN }}" | |
- name: GoReleaser | |
uses: goreleaser/goreleaser-action@v6 | |
with: | |
version: latest | |
args: release --clean --config .goreleaser.${{ matrix.os }}.yml | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
IMAGE_NAME: ${{ env.REPOSITORY_NAME_LOWERCASE }} | |
windows-msi: | |
name: Build Windows MSI and upload to release | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
needs: [release] | |
if: >- # https://github.com/actions/runner/issues/491 | |
always() && | |
(needs.release.result == 'success' || needs.release.result == 'skipped') | |
env: | |
INSTALLER: ${{ github.workspace }}/.github/win-msi | |
BIN: ${{ github.workspace }}/.github/win-msi/src/bin | |
WIXIMG: dactiv/wix@sha256:17d232708589641f5632f9a1ff9463ad087b192cea7b8e6012d2b47ec6af5f6c | |
steps: | |
- name: Normalize tag values | |
run: | | |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]] ; then | |
VER=${{ github.event.inputs.tag }} | |
else | |
VER=${GITHUB_REF/refs\/tags\//} | |
fi | |
VERSION=${VER//v} | |
echo "VER_TAG=$VER" >> $GITHUB_ENV | |
echo "VERSION=$VERSION" >> $GITHUB_ENV | |
echo "ASSET=saml2aws_${VERSION}_windows_amd64.zip" >> $GITHUB_ENV | |
- name: Check out code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Retrieve the release asset | |
id: asset | |
uses: robinraju/release-downloader@a96f54c1b5f5e09e47d9504526e96febd949d4c2 # v1.11 | |
with: | |
repository: ${{ github.repository }} | |
tag: ${{ env.VER_TAG }} | |
fileName: ${{ env.ASSET }} | |
out-file-path: ${{ env.BIN }} | |
- name: Unzip asset | |
working-directory: ${{ env.BIN }} | |
run: unzip "${ASSET}" | |
- name: Build MSI | |
run: | | |
# container does not run as root | |
chmod -R o+rw "${INSTALLER}" | |
cat "${INSTALLER}/wix.sh" | docker run --rm -i -e VERSION -v "${INSTALLER}:/wix" ${WIXIMG} /bin/sh | |
- name: Upload the asset to the release | |
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v0.2.0.8.2.0.85 / v2.0.8 | |
with: | |
tag_name: ${{ env.VER_TAG }} | |
files: ${{ env.INSTALLER }}/out/*.msi | |
chocolatey: | |
name: Deploy to chocolatey | |
runs-on: windows-latest | |
permissions: | |
contents: write | |
needs: [release] | |
if: >- # https://github.com/actions/runner/issues/491 | |
always() && | |
(needs.release.result == 'success' || needs.release.result == 'skipped') | |
steps: | |
- name: Normalize tag values | |
shell: bash | |
run: | | |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]] ; then | |
VER=${{ github.event.inputs.tag }} | |
else | |
VER=${GITHUB_REF/refs\/tags\//} | |
fi | |
VERSION=${VER//v} | |
echo "VER_TAG=$VER" >> $GITHUB_ENV | |
echo "VERSION=$VERSION" >> $GITHUB_ENV | |
- name: Check out code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup PowerShell module cache | |
id: cacher | |
uses: actions/cache@v3 | |
with: | |
path: "C:\\Users\\runneradmin\\Documents\\PowerShell\\Modules" | |
key: ${{ runner.os }}-InvokeBuild | |
- name: Install required PowerShell modules | |
if: steps.cacher.outputs.cache-hit != 'true' | |
shell: pwsh | |
run: | | |
Set-PSRepository PSGallery -InstallationPolicy Trusted | |
Install-Module InvokeBuild -ErrorAction Stop | |
- name: Invoke build script | |
env: | |
appName: saml2aws | |
shell: pwsh | |
run: Invoke-Build | |
- name: Deploy | |
shell: pwsh | |
env: | |
CHOCOLATEY_API_KEY: ${{ secrets.CHOCOLATEY_API_KEY }} | |
VERSION: ${{ env.VERSION }} | |
run: | | |
choco apikey --key "$env:CHOCOLATEY_API_KEY" --source "https://push.chocolatey.org/" | |
choco push ./choco/saml2aws.${env:VERSION}.nupkg --source "https://push.chocolatey.org/" |