Now that there is a ZIP archive to download, to avoid the complexities
of unzipping through Node.js we use hub to download the `.zip`, extract
it, and eventually upload the `.msi` back to the release.
The changelog is generated using the git log of pull request merges
since the last tagged release, and is in the following format:
* {PR title} #{PR number}
This commit:
- Adds config for building Windows installers
- Adds an action for fetching exe files built by goreleaser
- Adds an action for building Windows installers
- Adds an action for adding MSI files to an existing GH release
- Adds MSI signing to our release flow
- Disables homebrew formula bumping for prereleases
- Allows the release asset copying action to copy windows assets
We started vendoring dependencies because this was a practice that the Go community had for a while now to:
1. Speed up builds - no need to fetch dependencies every time;
2. Guard against 3rd-party downtime - CI passes even if hosts such as `gopkg.in` are down, or if someone deletes their GitHub repo/account hosting a particular module.
With Go 1.13 and GitHub Actions, however, we have these problems solved for free:
- The built-in goproxy caches dependencies and speeds up downloads;
- Octofactory ensures that dependencies are cached on our own infrastructure, guarding us from 3rd-party downtime.
With all this in mind, I feel that we don't have to require vendoring dependencies anymore.
