feat(ci): unify validate & snapshot workflows #33

Workflow file for this run

	name: Go
	on:
	push:
	branches:
	- main
	tags:
	- "v*"

	pull_request:
	branches:
	- main

	permissions:
	checks: write
	contents: write
	packages: write
	pull-requests: write
	pages: write
	id-token: write

	jobs:
	build:
	strategy:
	matrix:
	os: [ubuntu-latest, macos-latest, windows-latest]
	runs-on: ${{ matrix.os }}
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: "0"
	fetch-tags: "true"

	- name: Setup Go
	uses: actions/setup-go@v5
	with:
	go-version-file: go.mod
	cache-dependency-path: go.sum
	check-latest: true

	- name: Init go
	run: \|
	go mod download
	go generate .

	- name: Install goteestsum
	run: \|
	go install -a gotest.tools/gotestsum@latest

	- name: golangci-lint
	uses: golangci/golangci-lint-action@v6
	env:
	GOPROXY: direct

	- id: govulncheck
	uses: golang/govulncheck-action@v1
	with:
	go-version-file: go.mod
	go-package: ./...

	- name: Test
	run: \|
	gotestsum --format pkgname -- -race -shuffle=on -covermode=atomic ./...

	# Do not run release on windows
	- uses: ruby/setup-ruby@v1
	if: ${{ matrix.os == 'ubuntu-latest' }}
	with:
	ruby-version: "3.3"
	bundler-cache: true

	- run: gem install asciidoctor
	if: ${{ matrix.os == 'ubuntu-latest' }}

	- name: Setup Syft
	run: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh \| sh -s -- -b /usr/local/bin
	if: ${{ matrix.os == 'ubuntu-latest' }}

	- name: Prepare GPG setup
	run: \|
	mkdir -p $GITHUB_WORKSPACE/.gnupg
	echo "${{ secrets.GPG_SIGNING_KEY }}" \| base64 -d > $GITHUB_WORKSPACE/.gnupg/gpg.key
	if: ${{ matrix.os == 'ubuntu-latest' }}

	- name: Snapshot release
	uses: goreleaser/goreleaser-action@v6
	if: ${{ matrix.os == 'ubuntu-latest' && !startsWith(github.ref, 'refs/tags/v') }}
	with:
	distribution: goreleaser
	version: latest
	args: release --clean --snapshot
	env:
	NFPM_GIT_AGE_PASSPHRASE: ${{ secrets.NFPM_GIT_AGE_PASSPHRASE }}

	- name: Release
	uses: goreleaser/goreleaser-action@v6
	if: ${{ matrix.os == 'ubuntu-latest' && startsWith(github.ref, 'refs/tags/v') }}
	with:
	distribution: goreleaser
	version: latest
	args: release --clean
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	GH_TAP_PAT: ${{ secrets.GH_TAP_PAT }}
	GH_WINGET_PAT: ${{ secrets.GH_WINGET_PAT }}
	GH_SCOOP_PAT: ${{ secrets.GH_SCOOP_PAT }}
	NFPM_GIT_AGE_PASSPHRASE: ${{ secrets.NFPM_GIT_AGE_PASSPHRASE }}
	AUR_KEY: ${{ secrets.AUR_SSH_KEY }}

	- name: Upload RPM packages
	if: ${{ matrix.os == 'ubuntu-latest' && startsWith(github.ref, 'refs/tags/v') }}
	run: \|
	for rpm in dist/*.rpm; do
	curl --user prskr:${{ secrets.UPLOAD_RPM_SECRET }} \
	--upload-file "${rpm}" \
	https://code.icb4dc0.de/api/packages/prskr/rpm/upload
	done

	- name: Upload DEB packages
	if: ${{ matrix.os == 'ubuntu-latest' && startsWith(github.ref, 'refs/tags/v') }}
	run: \|
	for deb in dist/*.deb; do
	curl --user prskr:${{ secrets.UPLOAD_DEB_SECRET }} \
	--upload-file "${deb}" \
	https://code.icb4dc0.de/api/packages/prskr/debian/pool/bookworm/main/upload
	done

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(ci): unify validate & snapshot workflows #33

Workflow file

feat(ci): unify validate & snapshot workflows #33

Jobs

Run details

Workflow file for this run