mirror of
https://github.com/gopasspw/gopass.git
synced 2025-12-08 19:24:54 +00:00
49d0c43b59
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.10.0 to 4.0.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d7543c93d8...faadad0cce)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 4.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
102 lines
3.6 KiB
YAML
102 lines
3.6 KiB
YAML
# This is a basic workflow to help you get started with Actions
|
|
|
|
name: release
|
|
|
|
# Controls when the action will run.
|
|
on:
|
|
# Triggers the workflow on push or pull request events but only for the master branch
|
|
push:
|
|
tags:
|
|
- 'v*'
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
goreleaser:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
|
|
with:
|
|
egress-policy: audit
|
|
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
with:
|
|
fetch-depth: 0
|
|
-
|
|
name: Set up Go
|
|
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
|
|
with:
|
|
go-version: '1.25'
|
|
- uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
- uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
|
|
- uses: anchore/sbom-action/download-syft@8e94d75ddd33f69f691467e42275782e4bfefe84 # v0.20.9
|
|
# ubuntu is missing wixl https://github.com/actions/virtual-environments/issues/3857
|
|
-
|
|
name: "Install GNOME msitools (wixl)"
|
|
run: sudo apt update -qq && sudo apt install -qq -y wixl
|
|
-
|
|
name: Import GPG signing key
|
|
id: import_gpg
|
|
uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
|
|
with:
|
|
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
|
|
passphrase: ${{ secrets.PASSPHRASE }}
|
|
-
|
|
name: Debug
|
|
run: |
|
|
echo "GPG ---------------------"
|
|
echo "fingerprint: ${{ steps.import_gpg.outputs.fingerprint }}"
|
|
echo "keyid: ${{ steps.import_gpg.outputs.keyid }}"
|
|
echo "name: ${{ steps.import_gpg.outputs.name }}"
|
|
echo "email: ${{ steps.import_gpg.outputs.email }}"
|
|
echo "Go env ------------------"
|
|
pwd
|
|
echo ${HOME}
|
|
echo ${GITHUB_WORKSPACE}
|
|
echo ${GOPATH}
|
|
echo ${GOROOT}
|
|
env
|
|
-
|
|
name: Generate release-notes
|
|
run: |
|
|
go run helpers/changelog/main.go >../RELEASE_NOTES
|
|
-
|
|
name: Run GoReleaser
|
|
uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0
|
|
with:
|
|
version: latest
|
|
args: release --release-notes=../RELEASE_NOTES
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GH_PAT }}
|
|
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
|
|
GOPATH: /home/runner/go
|
|
-
|
|
name: "Add Windows installer (msi) to release"
|
|
run: | # until https://github.com/goreleaser/goreleaser/issues/1295, disabled until #2038 is fixed
|
|
tag="${GITHUB_REF#refs/tags/}"
|
|
version=${tag#v}
|
|
make msi
|
|
msi=dist/gopass-x64-windows-${version}.msi
|
|
gh release upload "${tag}" "${msi}"
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GH_PAT }}
|
|
-
|
|
name: "Upload deb files to apt hosting"
|
|
run: |
|
|
for D in dist/*.deb; do
|
|
curl -H"X-Filename: ${D}" -H"X-Apikey: ${APIKEY}" -XPOST --data-binary @$D https://packages.gopass.pw/repos/gopass/upload
|
|
curl -H"X-Filename: ${D}" -H"X-Apikey: ${APIKEY}" -XPOST --data-binary @$D https://packages.gopass.pw/repos/gopass-unstable/upload
|
|
done
|
|
env:
|
|
APIKEY: ${{ secrets.APT_APIKEY }}
|
|
|