chore(deps): bump workflow v0.64.0 (#23) #7
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| permissions: | |
| contents: write | |
| id-token: write | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - uses: GoCodeAlone/setup-wfctl@v1 | |
| with: | |
| version: v0.63.2 | |
| - name: Validate plugin contract for publish (pre-build) | |
| run: wfctl plugin validate-contract --for-publish --tag "${{ github.ref_name }}" . | |
| - uses: goreleaser/goreleaser-action@v7 | |
| with: | |
| distribution: goreleaser | |
| version: '~> v2' | |
| args: release --clean | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GOPRIVATE: github.com/GoCodeAlone/* | |
| GONOSUMCHECK: github.com/GoCodeAlone/* | |
| # workflow#765: runtime truth-check via plugin verify-capabilities. | |
| - name: Verify capabilities (runtime truth-check) | |
| run: | | |
| RUNNER_ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/') | |
| BIN=$(jq -r --arg arch "$RUNNER_ARCH" \ | |
| '[.[] | select(.type=="Binary" and .goos=="linux" and .goarch==$arch and (.name|startswith("workflow-plugin-github")))] | .[0].path // ""' \ | |
| dist/artifacts.json) | |
| if [ -z "$BIN" ] || [ "$BIN" = "null" ]; then | |
| echo "::warning::No matching linux/$RUNNER_ARCH binary in dist/artifacts.json; skipping verify-capabilities" | |
| jq '.[] | {name, type, goos, goarch, path}' dist/artifacts.json | |
| exit 0 | |
| fi | |
| wfctl plugin verify-capabilities --binary "$BIN" . | |
| - name: Verify shipped plugin.json carries tag (post-build) | |
| run: | | |
| if [ -f .release/plugin.json ]; then | |
| wfctl plugin validate-contract --for-publish --tag "${{ github.ref_name }}" --release-dir .release . | |
| else | |
| wfctl plugin validate-contract --for-publish --tag "${{ github.ref_name }}" --release-dir . . | |
| fi | |
| - name: Publish release (was draft during asset upload) | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: gh release edit ${{ github.ref_name }} --draft=false --repo ${{ github.repository }} | |
| notify-workflow-registry: | |
| name: Notify workflow-registry | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| needs: release | |
| if: >- | |
| !github.event.deleted | |
| && !contains(github.ref_name, '-') | |
| && github.repository == 'GoCodeAlone/workflow-plugin-github' | |
| steps: | |
| - name: Trigger registry manifest sync | |
| uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4 | |
| with: | |
| token: ${{ secrets.repo_dispatch_token }} | |
| repository: GoCodeAlone/workflow-registry | |
| event-type: plugin-release | |
| client-payload: |- | |
| {"plugin": "github", "tag": "${{ github.ref_name }}"} |