diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..a57e396a --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,40 @@ +name: Create a release + +on: + push: + tags: + - "*" + +permissions: + contents: write + +jobs: + create_a_release: + name: create a release + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - run: git fetch --force --tags + - uses: actions/setup-go@v3 + with: + go-version: ">=1.19.4" + cache: true + - uses: sigstore/cosign-installer@main + - uses: goreleaser/goreleaser-action@v4 + with: + distribution: goreleaser + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + - run: echo "${HOME}/.humanlog/bin" >> $GITHUB_PATH + - run: curl https://humanlog.io/install_apictl.sh | bash + - run: ./script/create_version_artifacts.sh + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + HMAC_KEY_ID: ${{ secrets.HMAC_KEY_ID }} + HMAC_PRIVATE_KEY: ${{ secrets.HMAC_PRIVATE_KEY }} diff --git a/cmd/humanlog/main.go b/cmd/humanlog/main.go index 5253cf5a..39e43cf7 100644 --- a/cmd/humanlog/main.go +++ b/cmd/humanlog/main.go @@ -205,12 +205,12 @@ func newApp() *cli.App { return fmt.Errorf("reading default config file: %v", err) } - if statefile.LatestKnownVersion != nil && statefile.LatestKnownVersion.GT(semverVersion) { - promptToUpdate(semverVersion, *statefile.LatestKnownVersion) - promptedToUpdate = statefile.LatestKnownVersion - } - if shouldCheckForUpdate(c, cfg, statefile) { + if statefile.LatestKnownVersion != nil && statefile.LatestKnownVersion.GT(semverVersion) { + promptToUpdate(semverVersion, *statefile.LatestKnownVersion) + promptedToUpdate = statefile.LatestKnownVersion + } + req := &checkForUpdateReq{ arch: runtime.GOARCH, os: runtime.GOOS, diff --git a/goreleaser.yaml b/goreleaser.yaml index a9cfb7f2..56c09afb 100644 --- a/goreleaser.yaml +++ b/goreleaser.yaml @@ -1,22 +1,60 @@ -build: - main: ./cmd/humanlog/main.go - binary: humanlog - ldflags: - - -s -w -X main.versionMajor={{.Major}} -X main.versionMinor={{.Minor}} -X main.versionPatch={{.Patch}} -X main.versionPrerelease={{.Prerelease}} -X main.versionBuild={{.ShortCommit}} - goos: - - windows - - darwin - - linux - goarch: - - amd64 - - arm64 - +project_name: humanlog +before: + hooks: + - go mod tidy + - go generate ./... +builds: + - main: ./cmd/humanlog/main.go + binary: humanlog + env: + - CGO_ENABLED=0 + ldflags: + - -s -w -X main.versionMajor={{.Major}} -X main.versionMinor={{.Minor}} -X main.versionPatch={{.Patch}} -X main.versionPrerelease={{.Prerelease}} -X main.versionBuild={{.ShortCommit}} + goos: + - windows + - darwin + - linux + goarch: + - amd64 + - arm64 +release: + github: + owner: humanlogio + name: humanlog +archives: + - name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" + format_overrides: + - goos: windows + format: zip brews: - tap: owner: humanlogio name: homebrew-tap - nfpms: - - maintainer: 'antoinegrondin@gmail.com' + - maintainer: "antoinegrondin@gmail.com" formats: - deb +checksum: + name_template: "checksums.txt" +signs: + - cmd: cosign + stdin: "{{ .Env.COSIGN_PWD }}" + args: + [ + "sign-blob", + "--key=env://COSIGN_PRIVATE_KEY", + "--output-signature=${signature}", + "${artifact}", + ] + artifacts: all +snapshot: + name_template: "{{ incpatch .Version }}-next" +changelog: + sort: asc + filters: + exclude: + - "^docs:" + - "^test:" +# modelines, feel free to remove those if you don't want/use them: +# yaml-language-server: $schema=https://goreleaser.com/static/schema.json +# vim: set ts=2 sw=2 tw=0 fo=cnqoj diff --git a/script/create_version_artifacts.sh b/script/create_version_artifacts.sh new file mode 100755 index 00000000..33b09f4c --- /dev/null +++ b/script/create_version_artifacts.sh @@ -0,0 +1,87 @@ +#!/usr/bin/env bash + +set -euo pipefail + +root=$(git rev-parse --show-toplevel) + +function list_archives() { + jq < dist/artifacts.json -r '.[] | select(.type == "Archive") | .name, .path, .goos, .goarch' +} + +function handle_archive() { + while read -r filename; read -r path; read -r goos; read -r goarch; do + local url=$(get_archive_url ${filename}) + if [ -z "${url}" ]; then echo "no archive for ${filename}"; continue; fi + local sig=$(get_signature ${path}) + + apictl create version-artifact \ + --project ${project} \ + --major $(get_version_major) \ + --minor $(get_version_minor) \ + --patch $(get_version_patch) \ + --sha256 $(get_sha256sum ${path}) \ + --url ${url} \ + --os ${goos} \ + --arch ${goarch} \ + --sig ${sig} + done +} + +function get_archive_url() { + local filename=${1} + gh api graphql -F owner=${owner} -F name=${project} -F tag="v${tag}" -F filename=${filename} -f query=' + query($name: String!, $owner: String!, $tag: String!, $filename: String!) { + repository(name: $name, owner: $owner) { + release(tagName: $tag) { + releaseAssets(first: 1, name: $filename) { + nodes { + downloadUrl + } + } + } + } + }' --jq '.data.repository.release.releaseAssets.nodes[0].downloadUrl' +} + +function get_sha256sum() { + local filename=${1} + shasum -a 256 ${filename} | cut -d " " -f 1 +} + +function get_signature() { + local filename=${1} + cat ${filename}.sig +} + +function get_version_major() { + major=`echo ${tag} | cut -d. -f1` + echo "${major}" +} + +function get_version_minor() { + minor=`echo ${tag} | cut -d. -f2` + echo "${minor}" +} + +function get_version_patch() { + patch=`echo ${tag} | cut -d. -f3` + echo "${patch}" +} + +function get_version() { + jq < dist/metadata.json -r '.version' +} + +function get_project_name() { + jq < dist/metadata.json -r '.project_name' +} + +function main() { + owner=humanlogio + project=$(get_project_name) + tag=$(get_version) + + list_archives | handle_archive +} + +main \ No newline at end of file