name: Release on: push: branches: - main paths: - 'src/**' - 'packages/**' - '.github/workflows/**' jobs: changelog: runs-on: ubuntu-latest outputs: version: ${{ steps.changelog.outputs.version }} body: ${{ steps.changelog.outputs.clean_changelog }} tag: ${{ steps.changelog.outputs.tag }} skipped: ${{ steps.changelog.outputs.skipped }} steps: - name: Checkout code 👋 uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab - name: Create changelog ✍️ id: changelog uses: TriPSs/conventional-changelog-action@858fe562a4d01987825f5e96b2a541f53b22c8b6 with: github-token: ${{ secrets.github_token }} skip-version-file: "true" output-file: "false" skip-commit: "true" skip-on-empty: "true" artifacts: needs: changelog if: ${{ needs.changelog.outputs.skipped == 'false' }} runs-on: ubuntu-latest env: COSIGN_KEY_LOCATION: "/tmp/cosign.key" defaults: run: shell: pwsh working-directory: ${{ github.workspace }}/src steps: - name: Checkout code 👋 uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab - name: Install Go 🗳 uses: ./.github/workflows/composite/bootstrap-go - name: Tag HEAD 😸 run: | git config --global user.name "GitHub Actions" git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" git tag ${{ needs.changelog.outputs.tag }} - name: Install cosign 🔑 uses: sigstore/cosign-installer@9e9de2292db7abb3f51b7f4808d98f0d347a8919 with: cosign-release: 'v1.4.0' - name: Private Key 🔐 run: | $PSDefaultParameterValues['Out-File:Encoding']='UTF8' $env:COSIGN_KEY > $env:COSIGN_KEY_LOCATION env: COSIGN_KEY: ${{secrets.COSIGN_KEY}} - name: Run GoReleaser 🚀 uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b with: distribution: goreleaser version: latest args: build --rm-dist workdir: src env: COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - name: Zip theme files 🤐 run: | $compress = @{ Path = "../themes/*.omp.*" CompressionLevel = "Fastest" DestinationPath = "./dist/themes.zip" } Compress-Archive @compress - name: Add hashes 🤫 run: | Get-ChildItem ./dist -Exclude *.yaml,*.sig | Get-Unique | Foreach-Object { $zipHash = Get-FileHash $_.FullName -Algorithm SHA256 $zipHash.Hash | Out-File -Encoding 'UTF8' "./dist/$($_.Name).sha256" } shell: pwsh - name: Release 🎓 uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 with: tag_name: ${{ needs.changelog.outputs.tag }} body: ${{ needs.changelog.outputs.body }} fail_on_unmatched_files: true token: ${{ secrets.GH_PAT }} files: | src/dist/posh-* src/dist/themes.*