mirror of
https://github.com/Belphemur/CBZOptimizer.git
synced 2026-01-09 23:34:42 +01:00
8c52010dfe
* Initial plan * Remove cosign signing and improve GoReleaser configuration - Removed cosign-installer step from release workflow - Removed cosign signing sections (signs and docker_signs) from .goreleaser.yml - Added include_meta: true to release configuration - Added use: github and format to changelog configuration - Added before hooks section for go mod tidy and go generate - Improved comments and structure following best practices - Added proper step names to workflow for better readability - Kept attestation steps for checksums.txt and digests.txt using GitHub's native attestation Co-authored-by: Belphemur <197810+Belphemur@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Belphemur <197810+Belphemur@users.noreply.github.com>
60 lines
1.8 KiB
YAML
60 lines
1.8 KiB
YAML
#
|
|
# Releaser workflow setup
|
|
# https://goreleaser.com/ci/actions/
|
|
#
|
|
name: release
|
|
|
|
# run only on tags
|
|
on:
|
|
push:
|
|
tags:
|
|
- "v*"
|
|
|
|
permissions:
|
|
contents: write # needed to write releases
|
|
id-token: write # needed for keyless signing
|
|
packages: write # needed for ghcr access
|
|
attestations: write # needed for attestations
|
|
|
|
jobs:
|
|
release:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
fetch-depth: 0 # this is important, otherwise it won't checkout the full tree (i.e. no previous tags)
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v6
|
|
with:
|
|
go-version-file: go.mod
|
|
cache: true
|
|
- name: Install Syft
|
|
uses: anchore/sbom-action/download-syft@v0.20.11 # installs syft
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
- name: Log in to GHCR
|
|
uses: docker/login-action@v3 # login to ghcr
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Run GoReleaser
|
|
uses: goreleaser/goreleaser-action@v6 # run goreleaser
|
|
with:
|
|
version: nightly
|
|
args: release --clean --verbose
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
# After GoReleaser runs, attest all the files in ./dist/checksums.txt:
|
|
- name: Attest Build Provenance for Archives
|
|
uses: actions/attest-build-provenance@v3
|
|
with:
|
|
subject-checksums: ./dist/checksums.txt
|
|
# After GoReleaser runs, attest all the images in ./dist/digests.txt:
|
|
- name: Attest Build Provenance for Docker Images
|
|
uses: actions/attest-build-provenance@v3
|
|
with:
|
|
subject-checksums: ./dist/digests.txt
|