name: build concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true on: workflow_dispatch: push: branches: - 'master' tags: - 'v*' pull_request: env: DESTDIR: ./bin GO_VERSION: 1.20.6 jobs: validate: runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: target: - lint - validate-vendor steps: - name: Checkout uses: actions/checkout@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Run run: | make ${{ matrix.target }} test: runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: os: - ubuntu-22.04 - ubuntu-20.04 - macOS-11 - windows-2022 steps: - name: Checkout uses: actions/checkout@v3 - name: Set up Go uses: actions/setup-go@v3 with: go-version: ${{ env.GO_VERSION }} cache: true - name: Install deps (ubuntu) if: startsWith(matrix.os, 'ubuntu-') run: | sudo apt-get update sudo apt-get install -y dbus-x11 gnome-keyring libsecret-1-dev pass - name: Install deps (macOS) if: startsWith(matrix.os, 'macOS-') run: | brew install pass - name: GPG conf if: ${{ !startsWith(matrix.os, 'windows-') }} uses: actions/github-script@v6 id: gpg with: script: | const fs = require('fs'); const gnupgfolder = `${require('os').homedir()}/.gnupg`; if (!fs.existsSync(gnupgfolder)){ fs.mkdirSync(gnupgfolder); } fs.copyFile('.github/workflows/fixtures/gpg.conf', `${gnupgfolder}/gpg.conf`, (err) => { if (err) throw err; }); core.setOutput('key', fs.readFileSync('.github/workflows/fixtures/7D851EB72D73BDA0.key', {encoding: 'utf8'})); core.setOutput('passphrase', fs.readFileSync('.github/workflows/fixtures/7D851EB72D73BDA0.pass', {encoding: 'utf8'})); - name: Import GPG key if: ${{ !startsWith(matrix.os, 'windows-') }} uses: crazy-max/ghaction-import-gpg@v5 with: gpg_private_key: ${{ steps.gpg.outputs.key }} passphrase: ${{ steps.gpg.outputs.passphrase }} trust_level: 5 - name: Init pass if: ${{ !startsWith(matrix.os, 'windows-') }} run: | pass init 7D851EB72D73BDA0 shell: bash - name: Test run: | make test COVERAGEDIR=${{ env.DESTDIR }} shell: bash - name: Upload coverage uses: codecov/codecov-action@v3 with: file: ${{ env.DESTDIR }}/coverage.txt test-sandboxed: runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Test uses: docker/bake-action@v2 with: targets: test set: | *.cache-from=type=gha,scope=test *.cache-to=type=gha,scope=test,mode=max - name: Upload coverage uses: codecov/codecov-action@v3 with: file: ${{ env.DESTDIR }}//coverage.txt build: runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 with: fetch-depth: 0 - name: Set up QEMU uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build run: | make release env: CACHE_FROM: type=gha,scope=build CACHE_TO: type=gha,scope=build,mode=max - name: List artifacts run: | tree -nh ${{ env.DESTDIR }} - name: Check artifacts run: | find ${{ env.DESTDIR }} -type f -exec file -e ascii -e text -- {} + - name: Upload artifacts uses: actions/upload-artifact@v3 with: name: docker-credential-helpers path: ${{ env.DESTDIR }}/* if-no-files-found: error - name: GitHub Release if: startsWith(github.ref, 'refs/tags/v') uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: draft: true files: ${{ env.DESTDIR }}/* build-deb: runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 with: fetch-depth: 0 - name: Build run: | make deb