-
Notifications
You must be signed in to change notification settings - Fork 0
151 lines (131 loc) · 4.78 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
name: Go Build and Release
on:
push:
tags:
- 'v*'
jobs:
build:
name: Build on ${{ matrix.os }} for ${{ matrix.arch }}
runs-on: ubuntu-latest
strategy:
matrix:
os: [linux, darwin, windows]
arch: [amd64, arm64, 386, mips, mips64, mips64le, mipsle, ppc64, ppc64le, riscv64, s390x]
exclude:
- os: darwin
arch: 386
- os: darwin
arch: mips
- os: darwin
arch: mips64
- os: darwin
arch: mips64le
- os: darwin
arch: mipsle
- os: darwin
arch: ppc64
- os: darwin
arch: ppc64le
- os: darwin
arch: riscv64
- os: darwin
arch: s390x
- os: windows
arch: mips64
- os: windows
arch: mips64le
- os: windows
arch: mipsle
- os: windows
arch: mips
- os: windows
arch: ppc64
- os: windows
arch: ppc64le
- os: windows
arch: riscv64
- os: windows
arch: s390x
steps:
- name: Extract Tag Name
run: echo "TAG_NAME=$(echo ${GITHUB_REF#refs/tags/})" >> $GITHUB_ENV
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.22.x'
- name: Check out code
uses: actions/checkout@v4
with:
submodules: recursive
- name: Build
run: |
make build GOOS=${{ matrix.os }} GOARCH=${{ matrix.arch }} VERSION=${{ env.TAG_NAME }}
- name: Install Syft
run: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
- name: Generate SBOM
run: syft goselfshield -o text > NOTICE
- name: Prepare Artifacts
run: |
mkdir goselfshield-${{ env.TAG_NAME }}-${{ matrix.os }}-${{ matrix.arch }}
mv goselfshield goselfshield-${{ env.TAG_NAME }}-${{ matrix.os }}-${{ matrix.arch }}/goselfshield
cp LICENSE.md goselfshield-${{ env.TAG_NAME }}-${{ matrix.os }}-${{ matrix.arch }}/LICENSE
zip -r goselfshield-${{ env.TAG_NAME }}-${{ matrix.os }}-${{ matrix.arch }}.zip goselfshield-${{ env.TAG_NAME }}-${{ matrix.os }}-${{ matrix.arch }}
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: goselfshield-${{ env.TAG_NAME }}-${{ matrix.os }}-${{ matrix.arch }}
path: goselfshield-${{ env.TAG_NAME }}-${{ matrix.os }}-${{ matrix.arch }}.zip
release:
needs: build
runs-on: ubuntu-latest
steps:
- name: Set MIT LICENSE Date
run: echo "MIT_DATE=$(date -d "+2 years" +'%Y-%m-%d')" >> $GITHUB_ENV
- name: Extract Tag Name
run: echo "TAG_NAME=$(echo ${GITHUB_REF#refs/tags/})" >> $GITHUB_ENV
- name: Set Current Date
run: echo "CURRENT_DATE=$(date +'%Y-%m-%d')" >> $GITHUB_ENV
- name: Download Artifacts
uses: actions/download-artifact@v4
with:
path: .
pattern: goselfshield-v*
- name: Create Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: ${{ github.ref }} / ${{ env.CURRENT_DATE }}
draft: false
prerelease: false
body: |
This release is provided under **Functional Source License, Version 1.1, MIT Future License**.
For commercial license options before **${{ env.MIT_DATE }}**, please contact sales at [sales@hg.fi](mailto:sales@hg.fi) or visit our [website](https://www.heusalagroup.com).
Please refer to [the full license text](https://github.com/hyperifyio/goselfshield/blob/main/LICENSE.md) for detailed terms and conditions.
- name: Upload Release Assets
run: |
for os in linux darwin windows; do
for arch in amd64 arm64 386 mips mips64 mips64le mipsle ppc64 ppc64le riscv64 s390x; do
upload_url=$(echo "${{ steps.create_release.outputs.upload_url }}" | sed -re 's@/assets([?{][^\/]*)$@/assets@')
file="goselfshield-${{ env.TAG_NAME }}-$os-$arch/goselfshield-${{ env.TAG_NAME }}-$os-$arch.zip"
if [ -f "$file" ]; then
echo
echo "Uploading $file"
echo '------------------------------'
curl -L \
-X POST \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
-H "Content-Type: application/octet-stream" \
--data-binary @"$file" \
"$upload_url?name=$(basename $file)"
echo '------------------------------'
else
echo "$file not found, skipping..."
fi
done
done
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}