name: Release on: push: branches: - main paths: - 'src/**' - 'packages/**' - '.github/workflows/**' jobs: changelog: runs-on: ubuntu-latest outputs: version: ${{ steps.changelog.outputs.version }} body: ${{ steps.changelog.outputs.clean_changelog }} tag: ${{ steps.changelog.outputs.tag }} skipped: ${{ steps.changelog.outputs.skipped }} steps: - name: Checkout code 👋 uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 - name: Create changelog ✍️ id: changelog uses: TriPSs/conventional-changelog-action@b7f32a8347e86c26ea2f4823cc7c160b9014c6a0 with: github-token: ${{ secrets.github_token }} skip-version-file: "true" output-file: "false" skip-commit: "true" skip-on-empty: "true" artifacts: needs: changelog if: ${{ needs.changelog.outputs.skipped == 'false' }} runs-on: ubuntu-latest env: COSIGN_KEY_LOCATION: "/tmp/cosign.key" defaults: run: shell: pwsh working-directory: ${{ github.workspace }}/src steps: - name: Checkout code 👋 uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 - name: Install Go 🗳 uses: ./.github/workflows/composite/bootstrap-go - name: Tag HEAD 😸 run: | git config --global user.name "GitHub Actions" git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" git tag ${{ needs.changelog.outputs.tag }} - name: Install cosign 🔑 uses: sigstore/cosign-installer@dd6b2e2b610a11fd73dd187a43d57cc1394e35f9 with: cosign-release: 'v1.4.0' - name: Private Key 🔐 run: | $PSDefaultParameterValues['Out-File:Encoding']='UTF8' $env:COSIGN_KEY > $env:COSIGN_KEY_LOCATION env: COSIGN_KEY: ${{secrets.COSIGN_KEY}} - name: Run GoReleaser 🚀 uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 with: distribution: goreleaser version: latest args: build --rm-dist workdir: src env: COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - name: Zip theme files 🤐 run: | $compress = @{ Path = "../themes/*.omp.*" CompressionLevel = "Fastest" DestinationPath = "./dist/themes.zip" } Compress-Archive @compress - name: Add hashes 🤫 run: | Get-ChildItem ./dist -Exclude *.yaml,*.sig | Get-Unique | Foreach-Object { $zipHash = Get-FileHash $_.FullName -Algorithm SHA256 $zipHash.Hash | Out-File -Encoding 'UTF8' "./dist/$($_.Name).sha256" } shell: pwsh - name: Release 🎓 uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 with: tag_name: ${{ needs.changelog.outputs.tag }} body: ${{ needs.changelog.outputs.body }} fail_on_unmatched_files: true token: ${{ secrets.GH_PAT }} files: | src/dist/posh-* src/dist/themes.*