diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8840ed1f..77a4a08a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,3 +1,14 @@ +# This GitHub action can publish assets for release when a tag is created. +# Currently its setup to run on any tag that matches the pattern "v*" (ie. v0.1.0). +# +# This uses an action (hashicorp/ghaction-import-gpg) that assumes you set your +# private key in the `GPG_PRIVATE_KEY` secret and passphrase in the `PASSPHRASE` +# secret. If you would rather own your own GPG handling, please fork this action +# or use an alternative one for key handling. +# +# You will need to pass the `--batch` flag to `gpg` in your signing step +# in `goreleaser` to indicate this is being used in a non-interactive mode. +# name: release on: push: @@ -9,7 +20,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2.3.4 + uses: actions/checkout@v2.4.0 - name: Unshallow run: git fetch --prune --unshallow @@ -17,7 +28,7 @@ jobs: name: Set up Go uses: actions/setup-go@v2 with: - go-version: 1.14 + go-version: 1.17 - name: Import GPG key id: import_gpg @@ -28,7 +39,7 @@ jobs: PASSPHRASE: ${{ secrets.PASSPHRASE }} - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v2.7.0 + uses: goreleaser/goreleaser-action@v2.8.1 with: version: latest args: release --parallelism 2 --rm-dist --timeout 1h --release-notes .release_info.md diff --git a/.gitignore b/.gitignore index 3ec752f9..a893f74a 100644 --- a/.gitignore +++ b/.gitignore @@ -12,3 +12,4 @@ scripts/fakeserver* tmp tmpgpg dist +.idea diff --git a/.goreleaser.yml b/.goreleaser.yml index 576d6583..23f50b30 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,8 +1,14 @@ +# Visit https://goreleaser.com for documentation on how to customize this +# behavior. before: hooks: + # this is just an example and not a requirement for provider building/publishing - go mod tidy builds: - env: + # goreleaser does not work with CGO, it could also complicate + # usage by users in CI/CD systems like Terraform Cloud where + # they are unable to install libraries. - CGO_ENABLED=0 mod_timestamp: '{{ .CommitTimestamp }}' flags: @@ -23,50 +29,32 @@ builds: - goos: darwin goarch: '386' binary: '{{ .ProjectName }}_v{{ .Version }}' - - id: fakeserver - dir: fakeservercli - env: - - CGO_ENABLED=0 - mod_timestamp: '{{ .CommitTimestamp }}' - flags: - - -trimpath - ldflags: - - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}' - goos: - - freebsd - - windows - - linux - - darwin - goarch: - - amd64 - - '386' - - arm - - arm64 - ignore: - - goos: darwin - goarch: '386' - binary: 'fakeserver_v{{ .Version }}' - archives: - format: zip name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' - - id: fakeserver - format: zip - name_template: 'fakeserver_{{ .Version }}_{{ .Os }}_{{ .Arch }}' checksum: + extra_files: + - glob: 'terraform-registry-manifest.json' + name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json' name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS' algorithm: sha256 signs: - artifacts: checksum args: + # if you are using this in a GitHub action or some other automated pipeline, you + # need to pass the batch flag to indicate its not interactive. - "--batch" - "--local-user" - - "{{ .Env.GPG_FINGERPRINT }}" + - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key - "--output" - "${signature}" - "--detach-sign" - "${artifact}" release: - draft: false + extra_files: + - glob: 'terraform-registry-manifest.json' + name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json' + # If you want to manually examine the release before its live, uncomment this line: + # draft: true changelog: skip: true diff --git a/terraform-registry-manifest.json b/terraform-registry-manifest.json new file mode 100644 index 00000000..ef650d4b --- /dev/null +++ b/terraform-registry-manifest.json @@ -0,0 +1,6 @@ +{ + "version": 1, + "metadata": { + "protocol_versions": ["5.0"] + } +}