From 9eef152b6ef15251ea61b6aa3a06c910c1f5871c Mon Sep 17 00:00:00 2001 From: Taylor Ludwig Date: Thu, 21 Aug 2025 11:20:24 -0700 Subject: [PATCH 1/3] cleanup readme --- README.md | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index d3a05bd..d9b5632 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ Use major version tags for stability: # For reusable workflows jobs: release: - uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v2 + uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v3.1 ``` Pin a commit SHA internally for maximum supply‑chain safety if desired. @@ -34,12 +34,13 @@ Standardized GoReleaser workflow for building and releasing Go applications with - Wraps `goreleaser-action` action with all .gorelease.yaml configurations - Container image builds and publishing - Binary and container attestation/signing +- Snapshot builds on pull requests **Usage:** ```yaml jobs: release: - uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v2 + uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v3.1 with: pre-build-commands: | go install github.com/swaggo/swag/cmd/swag@latest @@ -48,11 +49,7 @@ jobs: ``` -<<<<<<< HEAD -See the [workflow](workflows/go-build-release.yml) for additional input parameters. -======= -**Documentation:** [docs/go-build-release.md](docs/go-build-release.md) -**Examples:** [examples/](examples/) +See the [workflow](.github/workflows/go-build-release.yml) for additional input parameters. ### gpg-ephemeral-key Generates a short‑lived RSA key (default 3072‑bit, 1 day) using an isolated `GNUPGHOME`, signs it with a repo‑scoped subkey you provide, and outputs: From b15ffbf6eb3d4e70b2b3e01aa01a9cb42dad2d36 Mon Sep 17 00:00:00 2001 From: Taylor Ludwig Date: Thu, 21 Aug 2025 11:32:55 -0700 Subject: [PATCH 2/3] support snapshot releases --- .github/workflows/go-build-release.yml | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/.github/workflows/go-build-release.yml b/.github/workflows/go-build-release.yml index b4b2221..f487f9b 100644 --- a/.github/workflows/go-build-release.yml +++ b/.github/workflows/go-build-release.yml @@ -52,6 +52,11 @@ on: description: 'Container registry name (e.g., ghcr.io/openchami/project-name) to Generate build provenance for container' required: true type: string + snapshot: + description: 'Snapshot mode: auto (default - snapshot if not a tag), true (force snapshot), false (force regular release)' + required: false + type: string + default: 'auto' permissions: write-all # Necessary for the generate-build-provenance action with containers @@ -105,13 +110,29 @@ jobs: if: ${{ inputs.pre-build-commands != '' }} run: ${{ inputs.pre-build-commands }} + - name: Determine snapshot flags + id: snapshot_flags + run: | + if [[ "${{ inputs.snapshot }}" == "true" ]]; then + echo "flags=--snapshot" >> $GITHUB_OUTPUT + elif [[ "${{ inputs.snapshot }}" == "false" ]]; then + echo "flags=" >> $GITHUB_OUTPUT + else + # auto mode - snapshot if not a tag + if [[ "${{ github.ref }}" != refs/tags/v* ]]; then + echo "flags=--snapshot" >> $GITHUB_OUTPUT + else + echo "flags=" >> $GITHUB_OUTPUT + fi + fi + - name: Release with GoReleaser uses: goreleaser/goreleaser-action@v6 env: GITHUB_TOKEN: ${{ github.token }} with: version: ${{ inputs.goreleaser-version }} - args: ${{ inputs.goreleaser-args }} + args: ${{ inputs.goreleaser-args }} ${{ steps.snapshot_flags.outputs.flags }} id: goreleaser - name: Process GoReleaser output From eb98ffb6c2e7a8db6b13815eb3dc04f2e7de51bf Mon Sep 17 00:00:00 2001 From: Taylor Ludwig Date: Thu, 21 Aug 2025 11:34:47 -0700 Subject: [PATCH 3/3] update readme --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index d9b5632..bd2bfbd 100644 --- a/README.md +++ b/README.md @@ -38,6 +38,15 @@ Standardized GoReleaser workflow for building and releasing Go applications with **Usage:** ```yaml +name: Release with goreleaser + +on: + workflow_dispatch: + pull_request: + push: + tags: + - v* + jobs: release: uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v3.1