diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a66d621..703146f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,17 +17,26 @@ jobs: uses: actions/checkout@v2 with: fetch-depth: 0 + - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.23.3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 + - name: Log in to registry run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin - - uses: cachix/install-nix-action@v22 + + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@v6 with: - nix_path: nixpkgs=channel:nixos-unstable + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} + trust_level: 5 + - name: Run GoReleaser uses: goreleaser/goreleaser-action@v2 with: @@ -38,3 +47,4 @@ jobs: GITHUB_TOKEN: ${{ secrets.PAT }} FURY_TOKEN: ${{ secrets.FURY_TOKEN }} BLUESKY_APP_PASSWORD: ${{ secrets.BLUESKY_APP_PASSWORD }} + GPG_KEYID: ${{ steps.import_gpg.outputs.keyid }} diff --git a/.goreleaser.yml b/.goreleaser.yml index 8c33692..c7b000d 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -78,12 +78,33 @@ checksum: name_template: "checksums.txt" binary_signs: - - {} + - cmd: gpg2 + args: + [ + "-u", + "{{ .Env.GPG_KEYID }}", + "--output", + "${signature}", + "--detach-sign", + "${artifact}", + ] signs: - artifacts: checksum + cmd: gpg2 + args: + [ + "--batch", + "-u", + "{{ .Env.GPG_KEYID }}", + "--output", + "${signature}", + "--detach-sign", + "${artifact}", + ] announce: bluesky: enabled: true username: "me.felixwie.com" + message_template: "📜 {{ .ProjectName }} {{ .Tag }} is out! Check it out at {{ .ReleaseURL }}" diff --git a/Taskfile.yaml b/Taskfile.yaml index 9ca0ab7..1b864b2 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -15,3 +15,7 @@ tasks: run: desc: Run application cmd: go run main.go {{ .CLI_ARGS }} + + release: + desc: Run GoReleaser + cmd: goreleaser release --snapshot --clean