Go auto release workflow (#67)

* Added realese branches * Added realese branches * Added realese branches * Update shared-auto-release.yml * Fix configs * Fix configs * Added shared tf provider release * Added shared tf provider release * Added outputs * Added ouputs * Added tf-provider-release * Added tf-provider-release * Test build * Test build * Test build * Test build * Test build * Test build * Test build * Test build * Update shared-release-branches.yml * Update shared-release-branches.yml * Added go releaser workflow (#69) * Test main branch workaround * Test main branch workaround * Test main branch workaround * Added pgp sign * Fix goreleaser * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases * Consolidate go releases
cloudposse · Apr 18, 2024 · 06e622c · 06e622c
1 parent 9d13e94
commit 06e622c
Show file tree

Hide file tree

Showing 3 changed files with 260 additions and 1 deletion.
diff --git a/.github/goreleaser.yml b/.github/goreleaser.yml
@@ -0,0 +1,64 @@
+# Visit https://goreleaser.com for documentation on how to customize this
+# behavior.
+before:
+  hooks:
+    # this is just an example and not a requirement for provider building/publishing
+    - go mod tidy
+
+builds:
+- env:
+    # goreleaser does not work with CGO, it could also complicate
+    # usage by users in CI/CD systems like Terraform Cloud where
+    # they are unable to install libraries.
+    - CGO_ENABLED=0
+  mod_timestamp: '{{ .CommitTimestamp }}'
+  flags:
+    - -trimpath
+  ldflags:
+    - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
+  goos:
+    - freebsd
+    - windows
+    - linux
+    - darwin
+  goarch:
+    - amd64
+    - '386'
+    - arm
+    - arm64
+  ignore:
+    - goos: darwin
+      goarch: '386'
+  binary: '{{ .ProjectName }}_v{{ .Version }}'
+
+archives:
+- format: zip
+  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
+
+checksum:
+  name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
+  algorithm: sha256
+
+signs:
+  - artifacts: checksum
+    args:
+      # since we are using this in a GitHub action we need to pass the batch flag to indicate its not interactive.
+      - "--batch"
+      - "--local-user"
+      - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key
+      - "--output"
+      - "${signature}"
+      - "--detach-sign"
+      - "${artifact}"
+
+release:
+  draft: true
+  replace_existing_draft: true
+  replace_existing_artifacts: true
+  mode: keep-existing
+  make_latest: false
+  name_template: 'v{{.Tag}}'
+  target_commitish: "{{ .Branch }}"
+
+changelog:
+  skip: true
diff --git a/.github/workflows/shared-auto-release.yml b/.github/workflows/shared-auto-release.yml
@@ -17,6 +17,12 @@ on:
         type: string
         required: false
         default: '["ubuntu-latest"]'
+      summary-enabled:
+        description: Enable github action summary.
+        required: false
+        default: true
+        type: boolean
+
     outputs:
       id:
         description: The ID of the release that was created or updated.
@@ -50,7 +56,7 @@ on:
         value: ${{ jobs.release.outputs.resolved_version }}
       exists:
         description: Tag exists so skip new release issue
-        value: ${{ jobs.check-duplicate.outputs.exists }}
+        value: ${{ jobs.release.outputs.exists }}
 
 permissions: {}
 
@@ -99,4 +105,5 @@ jobs:
           publish: ${{ inputs.publish }}
           prerelease: ${{ inputs.prerelease }}
           latest: ${{ steps.context.outputs.latest }}
+          summary-enabled: ${{ inputs.summary-enabled }}
           config-name: ${{ steps.context.outputs.config }}
diff --git a/.github/workflows/shared-go-auto-release.yml b/.github/workflows/shared-go-auto-release.yml
@@ -0,0 +1,188 @@
+name: "Shared go releaser"
+
+on:
+  workflow_call:
+    inputs:
+      runs-on:
+        description: "Overrides job runs-on setting (json-encoded list)"
+        type: string
+        required: false
+        default: '["ubuntu-latest"]'
+      prerelease:
+        description: "Boolean indicating whether this release should be a prerelease"
+        required: false
+        default: false
+        type: string
+      publish:
+        description: "Whether to publish a new release immediately"
+        required: false
+        default: false
+        type: string
+      summary-enabled:
+        description: Enable github action summary.
+        required: false
+        default: true
+        type: boolean
+
+    outputs:
+      id:
+        description: The ID of the release that was created or updated.
+        value: ${{ jobs.publish.outputs.id }}
+      name:
+        description: The name of the release
+        value: ${{ jobs.publish.outputs.name }}
+      tag_name:
+        description: The name of the tag associated with the release.
+        value: ${{ jobs.publish.outputs.tag_name }}
+      body:
+        description: The body of the drafted release.
+        value: ${{ jobs.publish.outputs.body }}
+      html_url:
+        description: The URL users can navigate to in order to view the release
+        value: ${{ jobs.publish.outputs.html_url }}
+      upload_url:
+        description: The URL for uploading assets to the release, which could be used by GitHub Actions for additional uses, for example the @actions/upload-release-asset GitHub Action.
+        value: ${{ jobs.publish.outputs.upload_url }}
+      major_version:
+        description: The next major version number. For example, if the last tag or release was v1.2.3, the value would be v2.0.0.
+        value: ${{ jobs.publish.outputs.major_version }}
+      minor_version:
+        description: The next minor version number. For example, if the last tag or release was v1.2.3, the value would be v1.3.0.
+        value: ${{ jobs.publish.outputs.minor_version }}
+      patch_version:
+        description: The next patch version number. For example, if the last tag or release was v1.2.3, the value would be v1.2.4.
+        value: ${{ jobs.publish.outputs.patch_version }}
+      resolved_version:
+        description: The next resolved version number, based on GitHub labels.
+        value: ${{ jobs.publish.outputs.resolved_version }}
+      exists:
+        description: Tag exists so skip new release issue
+        value: ${{ jobs.publish.outputs.exists }}
+
+permissions: {}
+
+jobs:
+  draft:
+    uses: cloudposse/.github/.github/workflows/shared-auto-release.yml@main
+    with:
+      publish: false
+      summary-enabled: false
+      prerelease: ${{ inputs.prerelease }}
+    secrets: inherit
+
+  goreleaser:
+    if: ${{ needs.draft.outputs.exists == 'false' }}
+    runs-on: ${{ fromJSON(inputs.runs-on) }}
+    needs: [ draft ]
+    environment: release
+    steps:
+      - uses: actions/create-github-app-token@v1
+        id: github-app
+        with:
+          app-id: ${{ vars.BOT_GITHUB_APP_ID }}
+          private-key: ${{ secrets.BOT_GITHUB_APP_PRIVATE_KEY }}
+
+      - name: Install Git & GPG
+        run: |-
+          sudo apt-get update && sudo apt-get install -y git gnupg2
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          path: source
+
+      - name: Unshallow
+        working-directory: source
+        run: |-
+          git fetch --prune --unshallow          
+          git config --global user.email "[email protected]"
+          git config --global user.name "Your Name"          
+          git tag -a -m "Release ${{ needs.draft.outputs.tag_name }}" ${{ needs.draft.outputs.tag_name }}
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version-file: source/go.mod
+          cache-dependency-path: source/go.sum
+
+      - name: Import GPG key
+        id: import_gpg
+        uses: crazy-max/ghaction-import-gpg@v6
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}
+
+      - name: Check disk space before
+        shell: bash
+        working-directory: source
+        run: |-
+          printf "\nPWD is %s\ndf -h %s\n\n" "$(pwd -P)" "$(pwd -P)"
+          df -h $(pwd -P)
+          if [[ -n $TMPDIR ]]; then
+            printf "\n\nTMPDIR set to %s\ndf -h %s\n\n" "$TMPDIR" "$TMPDIR"
+            df -h "$TMPDIR"
+          else 
+            printf "\n\nTMPDIR not set, showing space in /tmp\n\n"
+            df -h /tmp
+          fi
+          printf "\n\nAll disk space:\n"
+          df -h
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          repository: ${{ github.repository_owner }}/.github
+          path: .configs
+          sparse-checkout: |
+            .github/goreleaser.yml
+          sparse-checkout-cone-mode: false
+          ref: main
+
+      - name: Go releaser config
+        working-directory: source
+        id: go-releaser-config
+        run: |-
+          if [ -f .goreleaser.yml ]; then
+            echo 'Go releaser config exists.'
+            echo "path=./.goreleaser.yml" >> $GITHUB_OUTPUT
+          else
+            echo 'Go releaser config does not exist. Use org wide config'
+            echo "path=../.configs/.github/goreleaser.yml" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v5
+        with:
+          workdir: source
+          version: latest
+          args: release --config ${{ steps.go-releaser-config.outputs.path }} --clean --parallelism 2 --timeout 180m
+        env:
+          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
+          GITHUB_TOKEN: ${{ steps.github-app.outputs.token }}
+
+      - name: Check disk space after
+        if: success() || failure()
+        shell: bash
+        working-directory: source
+        run: |-
+          printf "\nPWD is %s\ndf -h %s\n\n" "$(pwd -P)" "$(pwd -P)"
+          df -h $(pwd -P)
+          if [[ -n $TMPDIR ]]; then
+            printf "\n\nTMPDIR set to %s\ndf -h %s\n\n" "$TMPDIR" "$TMPDIR"
+            df -h "$TMPDIR"
+          else 
+            printf "\n\nTMPDIR not set, showing space in /tmp\n\n"
+            df -h /tmp
+          fi
+          printf "\n\nAll disk space:\n"
+          df -h
+
+  publish:
+    if: ${{ needs.draft.outputs.exists == 'false' }}
+    needs: [ goreleaser, draft ]
+    uses: cloudposse/.github/.github/workflows/shared-auto-release.yml@main
+    with:
+      publish: ${{ inputs.publish }}
+      prerelease: ${{ inputs.prerelease }}
+      summary-enabled: ${{ inputs.summary-enabled }}
+    secrets: inherit