diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3d4e39e..a4ca701 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,9 +1,22 @@ +# This GitHub action can publish assets for release when a tag is created. +# Currently its setup to run on any tag that matches the pattern "v*" (ie. v0.1.0). +# +# This uses an action (hashicorp/ghaction-import-gpg) that assumes you set your +# private key in the `GPG_PRIVATE_KEY` secret and passphrase in the `PASSPHRASE` +# secret. If you would rather own your own GPG handling, please fork this action +# or use an alternative one for key handling. +# +# You will need to pass the `--batch` flag to `gpg` in your signing step +# in `goreleaser` to indicate this is being used in a non-interactive mode. +# name: release - on: push: tags: - - "v[0-9]+.[0-9]+.[0-9]+*" + - "v*" + +permissions: + contents: write jobs: goreleaser: @@ -15,15 +28,14 @@ jobs: - name: Unshallow run: git fetch --prune --unshallow - - name: Set up Go - uses: actions/setup-go@v5 + - uses: actions/setup-go@v5 with: go-version-file: "go.mod" cache: true - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v6 id: import_gpg - uses: crazy-max/ghaction-import-gpg@v6.0.0 with: gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} passphrase: ${{ secrets.PASSPHRASE }} @@ -32,7 +44,7 @@ jobs: uses: goreleaser/goreleaser-action@v5.0.0 with: version: latest - args: release --rm-dist + args: release --clean env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.goreleaser.yml b/.goreleaser.yml index 23f50b3..4703e8c 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,8 +1,8 @@ # Visit https://goreleaser.com for documentation on how to customize this # behavior. + before: hooks: - # this is just an example and not a requirement for provider building/publishing - go mod tidy builds: - env: @@ -10,11 +10,11 @@ builds: # usage by users in CI/CD systems like Terraform Cloud where # they are unable to install libraries. - CGO_ENABLED=0 - mod_timestamp: '{{ .CommitTimestamp }}' + mod_timestamp: "{{ .CommitTimestamp }}" flags: - -trimpath ldflags: - - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}' + - "-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}" goos: - freebsd - windows @@ -22,21 +22,21 @@ builds: - darwin goarch: - amd64 - - '386' + - "386" - arm - arm64 ignore: - goos: darwin - goarch: '386' - binary: '{{ .ProjectName }}_v{{ .Version }}' + goarch: "386" + binary: "{{ .ProjectName }}_v{{ .Version }}" archives: - format: zip - name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' + name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" checksum: extra_files: - - glob: 'terraform-registry-manifest.json' - name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json' - name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS' + - glob: "terraform-registry-manifest.json" + name_template: "{{ .ProjectName }}_{{ .Version }}_manifest.json" + name_template: "{{ .ProjectName }}_{{ .Version }}_SHA256SUMS" algorithm: sha256 signs: - artifacts: checksum @@ -45,16 +45,16 @@ signs: # need to pass the batch flag to indicate its not interactive. - "--batch" - "--local-user" - - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key + - "{{ .Env.GPG_FINGERPRINT }}" - "--output" - "${signature}" - "--detach-sign" - "${artifact}" release: extra_files: - - glob: 'terraform-registry-manifest.json' - name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json' - # If you want to manually examine the release before its live, uncomment this line: - # draft: true + - glob: "terraform-registry-manifest.json" + name_template: "{{ .ProjectName }}_{{ .Version }}_manifest.json" + # Manually examine the release before it goes live: + draft: true changelog: skip: true diff --git a/Makefile b/Makefile index 8450a3b..937057a 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ build: go build -o ${BINARY} release: - goreleaser release --rm-dist --snapshot --skip-publish --skip-sign + goreleaser release --clean --snapshot --skip-publish --skip-sign install: build mkdir -p ~/.terraform.d/plugins/${HOSTNAME}/${NAMESPACE}/${NAME}/${VERSION}/${OS_ARCH}