From bc305e2ef19ba1da21f150d7fe0c982b317674f0 Mon Sep 17 00:00:00 2001
From: Claire Labry <claire@hashicorp.com>
Date: Wed, 30 Mar 2022 09:02:39 -0400
Subject: [PATCH] Necessary bits to onboard project to the Releases API

---
 .github/workflows/release.yaml | 57 ++++++++++++++++++++++++----------
 .goreleaser.yml                | 11 ++++---
 .release/release-metadata.hcl  |  2 ++
 3 files changed, 48 insertions(+), 22 deletions(-)
 create mode 100644 .release/release-metadata.hcl

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 122b3b1d06..d0430d89f6 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -30,20 +30,43 @@ jobs:
           name: release-notes
           path: release-notes.txt
           retention-days: 1
-  terraform-provider-release:
-    name: 'Terraform Provider Release'
-    needs: [go-version, release-notes]
-    uses: hashicorp/ghaction-terraform-provider-release/.github/workflows/hashicorp.yml@v1
-    secrets:
-      hc-releases-aws-access-key-id: '${{ secrets.TF_PROVIDER_RELEASE_AWS_ACCESS_KEY_ID }}'
-      hc-releases-aws-secret-access-key: '${{ secrets.TF_PROVIDER_RELEASE_AWS_SECRET_ACCESS_KEY }}'
-      hc-releases-aws-role-arn: '${{ secrets.TF_PROVIDER_RELEASE_AWS_ROLE_ARN }}'
-      hc-releases-fastly-api-token: '${{ secrets.HASHI_FASTLY_PURGE_TOKEN }}'
-      hc-releases-github-token: '${{ secrets.HASHI_RELEASES_GITHUB_TOKEN }}'
-      hc-releases-terraform-registry-sync-token: '${{ secrets.TF_PROVIDER_RELEASE_TERRAFORM_REGISTRY_SYNC_TOKEN }}'
-      setup-signore-github-token: '${{ secrets.HASHI_SIGNORE_GITHUB_TOKEN }}'
-      signore-client-id: '${{ secrets.SIGNORE_CLIENT_ID }}'
-      signore-client-secret: '${{ secrets.SIGNORE_CLIENT_SECRET }}'
-    with:
-      release-notes: true
-      setup-go-version: '${{ needs.go-version.outputs.version }}'
+    
+      - name: Setup hc-releases
+        uses: hashicorp/actions-setup-hc-releases@v2
+        with:
+          github-token: ${{ secrets.CODESIGN_GITHUB_TOKEN }}
+        
+        terraform-provider-release:
+          name: 'Terraform Provider Release'
+          needs: [go-version, release-notes]
+          uses: hashicorp/ghaction-terraform-provider-release/.github/workflows/hashicorp.yml@v1
+          secrets:
+            hc-releases-github-token: '${{ secrets.HASHI_RELEASES_GITHUB_TOKEN }}'
+            hc-releases-terraform-registry-sync-token: '${{ secrets.TF_PROVIDER_RELEASE_TERRAFORM_REGISTRY_SYNC_TOKEN }}'
+            setup-signore-github-token: '${{ secrets.HASHI_SIGNORE_GITHUB_TOKEN }}'
+            signore-client-id: '${{ secrets.SIGNORE_CLIENT_ID }}'
+            signore-client-secret: '${{ secrets.SIGNORE_CLIENT_SECRET }}'
+          with:
+            release-notes: true
+            setup-go-version: '${{ needs.go-version.outputs.version }}'
+          env:
+            HC_RELEASES_HOST_STAGING: '${{ secrets.HC_RELEASES_HOST_STAGING }}'
+            HC_RELEASES_KEY_STAGING: '${{ secrets.HC_RELEASES_KEY_STAGING }}'
+
+      - name: Create Release metadata
+        uses: hashicorp/actions-hc-releases-create-metadata@v1
+        with:
+          private-tools-token: ${{ secrets.CODESIGN_GITHUB_TOKEN }}
+          product-name: "terraform-provider-helm"
+          version: ${{ github.ref_name }}
+          hc-releases-host: ${{ secrets.HC_RELEASES_HOST_STAGING}}
+          hc-releases-key: ${{ secrets.HC_RELEASES_KEY_STAGING }}
+     
+      - name: Promote
+        uses: hashicorp/actions-hc-releases-promote@v1
+        with:
+          product-name: "terraform-provider-helm"
+          version: ${{ github.ref_name }}
+          hc-releases-host: ${{ secrets.HC_RELEASES_HOST_PROD }}
+          hc-releases-key: ${{ secrets.HC_RELEASES_KEY_PROD }}
+          hc-releases-source_env_key: ${{ secrets.HC_RELEASES_KEY_STAGING }}
diff --git a/.goreleaser.yml b/.goreleaser.yml
index 333fa05236..993ba0ab4e 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -45,15 +45,16 @@ publishers:
     # Terraform CLI 0.10 - 0.11 perform discovery via HTTP headers on releases.hashicorp.com
     # For providers which have existed since those CLI versions, exclude
     # discovery by setting the protocol version headers to 5.
-    cmd: hc-releases upload-file {{ abs .ArtifactPath }} -header=x-terraform-protocol-version=5 -header=x-terraform-protocol-versions=5.0 -upload-name={{ .ArtifactName }}
     env:
-      - AWS_ACCESS_KEY_ID={{ .Env.AWS_ACCESS_KEY_ID }}
-      - AWS_SECRET_ACCESS_KEY={{ .Env.AWS_SECRET_ACCESS_KEY }}
-      - AWS_SESSION_TOKEN={{ .Env.AWS_SESSION_TOKEN }}
+      - HC_RELEASES_HOST={{ .Env.HC_RELEASES_HOST_STAGING }}
+      - HC_RELEASES_KEY={{ .Env.HC_RELEASES_KEY_STAGING }}
+    dir: "{{ dir .ArtifactPath }}"
+    cmd: |
+      hc-releases upload -file={{ .ArtifactName }} -product={{ .ProjectName }} -version={{ .Version }}
     extra_files:
       - glob: 'terraform-registry-manifest.json'
         name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
-    name: hc-releases
+    name: upload
     signature: true
 release:
   extra_files:
diff --git a/.release/release-metadata.hcl b/.release/release-metadata.hcl
new file mode 100644
index 0000000000..1b387feaf8
--- /dev/null
+++ b/.release/release-metadata.hcl
@@ -0,0 +1,2 @@
+url_source_repository      = "https://github.com/hashicorp/terraform-provider-helm"
+url_license                = "https://github.com/hashicorp/terraform-provider-helm/blob/main/LICENSE"