name: Release on: push: branches: - main paths: - 'src/**' - 'packages/**' - '.github/workflows/**' jobs: changelog: runs-on: ubuntu-latest outputs: version: ${{ steps.changelog.outputs.version }} body: ${{ steps.changelog.outputs.clean_changelog }} tag: ${{ steps.changelog.outputs.tag }} skipped: ${{ steps.changelog.outputs.skipped }} steps: - name: Checkout code 👋 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Create changelog ✍️ id: changelog uses: TriPSs/conventional-changelog-action@3a392e9aa44a72686b0fc13259a90d287dd0877c with: github-token: ${{ secrets.github_token }} skip-version-file: "true" output-file: "false" skip-commit: "true" skip-on-empty: "true" artifacts: needs: changelog if: ${{ needs.changelog.outputs.skipped == 'false' }} runs-on: ubuntu-latest env: COSIGN_KEY_LOCATION: "/tmp/cosign.key" defaults: run: shell: pwsh working-directory: ${{ github.workspace }}/src steps: - name: Checkout code 👋 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Install Go 🗳 uses: ./.github/workflows/composite/bootstrap-go - name: Tag HEAD 😸 run: | git config --global user.name "GitHub Actions" git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" git tag ${{ needs.changelog.outputs.tag }} - name: Install cosign 🔑 uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 with: cosign-release: 'v1.4.0' - name: Private Key 🔐 run: | $PSDefaultParameterValues['Out-File:Encoding']='UTF8' $env:COSIGN_KEY > $env:COSIGN_KEY_LOCATION env: COSIGN_KEY: ${{secrets.COSIGN_KEY}} - name: Run GoReleaser 🚀 uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 with: distribution: goreleaser version: latest args: build --clean workdir: src env: COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - name: Zip theme files 🤐 run: | $compress = @{ Path = "../themes/*.omp.*" CompressionLevel = "Fastest" DestinationPath = "./dist/themes.zip" } Compress-Archive @compress - name: Add hashes 🤫 run: | Get-ChildItem ./dist -Exclude *.yaml,*.sig | Get-Unique | Foreach-Object { $zipHash = Get-FileHash $_.FullName -Algorithm SHA256 $zipHash.Hash | Out-File -Encoding 'UTF8' "./dist/$($_.Name).sha256" } shell: pwsh - name: Release 🎓 uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 with: tag_name: ${{ needs.changelog.outputs.tag }} body: ${{ needs.changelog.outputs.body }} fail_on_unmatched_files: true token: ${{ secrets.GH_PAT }} files: | src/dist/posh-* src/dist/themes.*