Add GitHub CLI authentication steps #26
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Build | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| env: | |
| APP_NAME: 'geoip-policyd' | |
| MAINTAINER: 'croessner' | |
| DESC: 'Policy server that blocks senders based on country and IP diversity.' | |
| CHGELOG_VERSION: '0.15.4' | |
| jobs: | |
| build-artifact: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| goos: [linux] | |
| goarch: [amd64, arm64] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.22.x | |
| - run: | | |
| GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} \ | |
| go build -mod=vendor -ldflags="-s -X main.version=${GITHUB_REF#refs/heads/})-${GITHUB_SHA:0:8}" -o ${{ env.APP_NAME }}-${{ matrix.goos }}-${{ matrix.goarch }} . | |
| - name: Create artifact | |
| run: | | |
| os="${{ runner.os }}" | |
| assets="${{ env.APP_NAME }}-${{ matrix.goos }}-${{ matrix.goarch }}" | |
| echo "$assets" | |
| mkdir -p "dist/$assets" | |
| cp -r ${{ env.APP_NAME }}-${{ matrix.goos }}-${{ matrix.goarch }} LICENSE README.* "dist/$assets/" | |
| cp systemd/geoip-policyd.service "dist/$assets/" | |
| cp systemd/geoip-policyd "dist/$assets/" | |
| ( | |
| cd dist | |
| tar czf "$assets.tar.gz" "$assets" | |
| ls -lah *.* | |
| ) | |
| shell: bash | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact-${{ matrix.goos }}-${{ matrix.goarch }} | |
| path: | | |
| dist/*.tar.gz | |
| build-linux-packages: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| goos: [ linux ] | |
| goarch: [ amd64, arm64 ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.22.x | |
| - run: | | |
| GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} \ | |
| go build -mod=vendor -ldflags="-s -X main.version=${GITHUB_REF#refs/heads/})-${GITHUB_SHA:0:8}" -o ${{ env.APP_NAME }}-${{ matrix.goos }}-${{ matrix.goarch }} | |
| - name: Copy binaries | |
| run: | | |
| mkdir -p .debpkg/usr/sbin | |
| mkdir -p .debpkg/usr/lib/systemd/system | |
| mkdir -p .debpkg/etc/default | |
| mkdir -p .debpkg/usr/share/doc/${{ env.APP_NAME }} | |
| cp ${{ env.APP_NAME }}-${{ matrix.goos }}-${{ matrix.goarch }} .debpkg/usr/sbin/ | |
| cp systemd/${{ env.APP_NAME }}.service .debpkg/usr/lib/systemd/system/ | |
| cp systemd/${{ env.APP_NAME }} .debpkg/etc/default/ | |
| cp LICENSE README.md .debpkg/usr/share/doc/${{ env.APP_NAME }}/ | |
| - uses: jiro4989/build-deb-action@v3 | |
| with: | |
| package: ${{ env.APP_NAME }} | |
| package_root: .debpkg | |
| maintainer: ${{ env.MAINTAINER }} | |
| version: ${{ github.ref }} | |
| arch: '${{ matrix.goarch }}' | |
| desc: '${{ env.DESC }}' | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact-${{ matrix.goos }}-${{ matrix.goarch }}-deb | |
| path: | | |
| ./*.deb | |
| create-release: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build-artifact | |
| - build-linux-packages | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Generate changelog | |
| run: | | |
| wget https://github.com/git-chglog/git-chglog/releases/download/${{ env.CHGELOG_VERSION }}/git-chglog_linux_amd64 | |
| chmod +x git-chglog_linux_amd64 | |
| mv git-chglog_linux_amd64 git-chglog | |
| ./git-chglog --output ./changelog $(git describe --tags $(git rev-list --tags --max-count=1)) | |
| - name: Install GitHub CLI | |
| run: sudo apt-get install -y gh | |
| - name: Authenticate GitHub CLI | |
| run: gh auth login --with-token <<< "${{ secrets.GEOIP_POLICYD_RELEASE }}" | |
| - name: Create Release | |
| run: | | |
| gh release create ${{ github.ref_name }} \ | |
| ./changelog \ | |
| --title "Release ${{ github.ref_name }}" \ | |
| --target ${{ github.ref }} \ | |
| --notes-file ./changelog \ | |
| --draft=false \ | |
| --prerelease=false | |
| upload-release: | |
| runs-on: ubuntu-latest | |
| needs: create-release | |
| strategy: | |
| matrix: | |
| goos: [ linux ] | |
| goarch: [ amd64, arm64 ] | |
| include: | |
| - os: ubuntu-latest | |
| asset_suffix: .tar.gz | |
| steps: | |
| - name: Install GitHub CLI | |
| run: sudo apt-get install -y gh | |
| - name: Authenticate GitHub CLI | |
| run: gh auth login --with-token <<< "${{ secrets.GEOIP_POLICYD_RELEASE }}" | |
| - name: Download Artifact | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GEOIP_POLICYD_RELEASE }} | |
| run: | | |
| gh run download --name artifact-${{ matrix.goos }}-${{ matrix.goarch }} | |
| - name: Upload Asset | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GEOIP_POLICYD_RELEASE }} | |
| run: | | |
| gh release upload ${{ github.ref }} ${{ env.APP_NAME }}-${{ matrix.goos }}-${{ matrix.goarch }}${{ matrix.asset_suffix }} | |
| upload-linux-packages: | |
| runs-on: ubuntu-latest | |
| needs: create-release | |
| strategy: | |
| matrix: | |
| goos: [ linux ] | |
| goarch: [ amd64, arm64 ] | |
| include: | |
| - pkg: deb | |
| steps: | |
| - name: Install GitHub CLI | |
| run: sudo apt-get install -y gh | |
| - name: Authenticate GitHub CLI | |
| run: gh auth login --with-token <<< "${{ secrets.GEOIP_POLICYD_RELEASE }}" | |
| - name: Download Artifact | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GEOIP_POLICYD_RELEASE }} | |
| run: | | |
| gh run download --name artifact-${{ matrix.goos }}-${{ matrix.goarch }}-${{ matrix.pkg }} | |
| - run: echo "ASSET_NAME=$(ls *.${{ matrix.pkg }} | head -n 1)" >> "$GITHUB_ENV" | |
| - name: Upload Asset | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GEOIP_POLICYD_RELEASE }} | |
| run: | | |
| gh release upload ${{ github.ref }} $ASSET_NAME |