187 lines
6.7 KiB
YAML
187 lines
6.7 KiB
YAML
name: goreleaser
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- "v*"
|
|
|
|
jobs:
|
|
goreleaser:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
- name: Set up Go 1.15
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: 1.15
|
|
- name: Generate changelog
|
|
run: |
|
|
echo "GORELEASER_CURRENT_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
|
|
git fetch --unshallow
|
|
script/changelog | tee CHANGELOG.md
|
|
- name: Run GoReleaser
|
|
uses: goreleaser/goreleaser-action@v2
|
|
with:
|
|
version: latest
|
|
args: release --release-notes=CHANGELOG.md
|
|
env:
|
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
|
- name: Checkout documentation site
|
|
uses: actions/checkout@v2
|
|
with:
|
|
repository: github/cli.github.com
|
|
path: site
|
|
fetch-depth: 0
|
|
token: ${{secrets.SITE_GITHUB_TOKEN}}
|
|
- name: Update site man pages
|
|
env:
|
|
GIT_COMMITTER_NAME: cli automation
|
|
GIT_AUTHOR_NAME: cli automation
|
|
GIT_COMMITTER_EMAIL: noreply@github.com
|
|
GIT_AUTHOR_EMAIL: noreply@github.com
|
|
run: make site-bump
|
|
- name: Move project cards
|
|
continue-on-error: true
|
|
env:
|
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
|
PENDING_COLUMN: 8189733
|
|
DONE_COLUMN: 7110130
|
|
run: |
|
|
api() { gh api -H 'accept: application/vnd.github.inertia-preview+json' "$@"; }
|
|
api-write() { [[ $GITHUB_REF == *-* ]] && echo "skipping: api $*" || api "$@"; }
|
|
cards=$(api --paginate projects/columns/$PENDING_COLUMN/cards | jq ".[].id")
|
|
for card in $cards; do
|
|
api-write --silent projects/columns/cards/$card/moves -f position=top -F column_id=$DONE_COLUMN
|
|
done
|
|
echo "moved ${#cards[@]} cards to the Done column"
|
|
|
|
- name: Install packaging dependencies
|
|
run: sudo apt-get install -y rpm reprepro
|
|
- name: Set up GPG
|
|
run: |
|
|
gpg --import --no-tty --batch --yes < script/pubkey.asc
|
|
echo "${{secrets.GPG_KEY}}" | base64 -d | gpg --import --no-tty --batch --yes
|
|
echo "allow-preset-passphrase" > ~/.gnupg/gpg-agent.conf
|
|
gpg-connect-agent RELOADAGENT /bye
|
|
echo "${{secrets.GPG_PASSPHRASE}}" | /usr/lib/gnupg2/gpg-preset-passphrase --preset 867DAD5051270B843EF54F6186FA10E3A1D22DC5
|
|
- name: Sign RPMs
|
|
run: |
|
|
cp script/rpmmacros ~/.rpmmacros
|
|
rpmsign --addsign dist/*.rpm
|
|
- name: Run createrepo
|
|
run: |
|
|
mkdir -p site/packages/rpm
|
|
cp dist/*.rpm site/packages/rpm/
|
|
./script/createrepo.sh
|
|
cp -r dist/repodata site/packages/rpm/
|
|
pushd site/packages/rpm
|
|
gpg --yes --detach-sign --armor repodata/repomd.xml
|
|
popd
|
|
- name: Run reprepro
|
|
env:
|
|
RELEASES: "cosmic eoan disco groovy focal stable oldstable testing unstable buster bullseye stretch jessie bionic trusty precise xenial"
|
|
run: |
|
|
mkdir -p upload
|
|
for release in $RELEASES; do
|
|
for file in dist/*.deb; do
|
|
reprepro --confdir="+b/script" includedeb "$release" "$file"
|
|
done
|
|
done
|
|
cp -a dists/ pool/ upload/
|
|
mkdir -p site/packages
|
|
cp -a upload/* site/packages/
|
|
- name: Publish site
|
|
env:
|
|
GIT_COMMITTER_NAME: cli automation
|
|
GIT_AUTHOR_NAME: cli automation
|
|
GIT_COMMITTER_EMAIL: noreply@github.com
|
|
GIT_AUTHOR_EMAIL: noreply@github.com
|
|
working-directory: ./site
|
|
run: |
|
|
git add packages
|
|
git commit -m "Add rpm and deb packages for ${GITHUB_REF#refs/tags/}"
|
|
if [[ $GITHUB_REF == *-* ]]; then
|
|
git log --oneline @{upstream}..
|
|
git diff --name-status @{upstream}..
|
|
else
|
|
git push
|
|
fi
|
|
|
|
msi:
|
|
needs: goreleaser
|
|
runs-on: windows-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
- name: Download gh.exe
|
|
id: download_exe
|
|
shell: bash
|
|
run: |
|
|
hub release download "${GITHUB_REF#refs/tags/}" -i '*windows_amd64*.zip'
|
|
printf "::set-output name=zip::%s\n" *.zip
|
|
unzip -o *.zip && rm -v *.zip
|
|
env:
|
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
|
- name: Install go-msi
|
|
run: choco install -y "go-msi"
|
|
- name: Prepare PATH
|
|
shell: bash
|
|
run: |
|
|
echo "$WIX\\bin" >> $GITHUB_PATH
|
|
echo "C:\\Program Files\\go-msi" >> $GITHUB_PATH
|
|
- name: Build MSI
|
|
id: buildmsi
|
|
shell: bash
|
|
run: |
|
|
mkdir -p build
|
|
msi="$(basename "${{ steps.download_exe.outputs.zip }}" ".zip").msi"
|
|
printf "::set-output name=msi::%s\n" "$msi"
|
|
go-msi make --msi "$PWD/$msi" --out "$PWD/build" --version "${GITHUB_REF#refs/tags/}"
|
|
- name: Obtain signing cert
|
|
id: obtain_cert
|
|
env:
|
|
DESKTOP_CERT_TOKEN: ${{ secrets.DESKTOP_CERT_TOKEN }}
|
|
run: .\script\setup-windows-certificate.ps1
|
|
- name: Sign MSI
|
|
env:
|
|
GITHUB_CERT_PASSWORD: ${{ secrets.GITHUB_CERT_PASSWORD }}
|
|
run: |
|
|
.\script\sign.ps1 -Certificate "${{ steps.obtain_cert.outputs.cert-file }}" `
|
|
-Executable "${{ steps.buildmsi.outputs.msi }}"
|
|
- name: Upload MSI
|
|
shell: bash
|
|
run: hub release edit "${GITHUB_REF#refs/tags/}" -m "" --draft=false -a "${{ steps.buildmsi.outputs.msi }}"
|
|
env:
|
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
|
- name: Bump homebrew-core formula
|
|
uses: mislav/bump-homebrew-formula-action@v1
|
|
if: "!contains(github.ref, '-')" # skip prereleases
|
|
with:
|
|
formula-name: gh
|
|
env:
|
|
COMMITTER_TOKEN: ${{ secrets.UPLOAD_GITHUB_TOKEN }}
|
|
- name: Checkout scoop bucket
|
|
uses: actions/checkout@v2
|
|
with:
|
|
repository: cli/scoop-gh
|
|
path: scoop-gh
|
|
fetch-depth: 0
|
|
token: ${{secrets.UPLOAD_GITHUB_TOKEN}}
|
|
- name: Bump scoop bucket
|
|
shell: bash
|
|
run: |
|
|
hub release download "${GITHUB_REF#refs/tags/}" -i '*_checksums.txt'
|
|
script/scoop-gen "${GITHUB_REF#refs/tags/}" ./scoop-gh/gh.json < *_checksums.txt
|
|
git -C ./scoop-gh commit -m "gh ${GITHUB_REF#refs/tags/}" gh.json
|
|
if [[ $GITHUB_REF == *-* ]]; then
|
|
git -C ./scoop-gh show -m
|
|
else
|
|
git -C ./scoop-gh push
|
|
fi
|
|
env:
|
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
|
GIT_COMMITTER_NAME: cli automation
|
|
GIT_AUTHOR_NAME: cli automation
|
|
GIT_COMMITTER_EMAIL: noreply@github.com
|
|
GIT_AUTHOR_EMAIL: noreply@github.com
|