ci: migrate release pipeline from Woodpecker to GitHub Actions
Release / release (push) Has been cancelled
Release / release (push) Has been cancelled
Drop the broken .woodpecker/release.yml (top-level when: triggered an 'error' status on every dev push instead of skipping non-tag events) and replace with .github/workflows/release.yml driving the same GoReleaser flow. Rationale: - Release artifacts already land on GitHub (releases + ghcr.io), so running the pipeline on GitHub eliminates a build hop. - GH Actions auto-provides GITHUB_TOKEN with packages:write via the workflow permissions block — no PAT plumbing or login secrets. - docker/setup-qemu-action and docker/setup-buildx-action handle the multi-arch cross-build setup that Woodpecker would require manual host configuration for. Trigger: any tag matching refs/tags/v*. Mirror sync from somegit.dev propagates tags to GitHub, so 'git push origin v0.3.1' on the canonical remote still drives the GitHub-side release.
This commit is contained in:
@@ -0,0 +1,63 @@
|
||||
# Release workflow — runs when a vX.Y.Z tag is pushed (including mirror
|
||||
# pushes from somegit.dev). Drives GoReleaser to publish:
|
||||
# - static binaries (linux/darwin/windows × amd64/arm64) + checksums
|
||||
# + autogenerated changelog to the GitHub releases page
|
||||
# - multi-arch container images to ghcr.io/vikingowl91/gnoma
|
||||
#
|
||||
# GITHUB_TOKEN is provided automatically by GitHub Actions and already
|
||||
# carries packages:write thanks to the permissions block, so no PAT is
|
||||
# needed for either the release upload or the ghcr.io push.
|
||||
#
|
||||
# Security note: this workflow does not interpolate any untrusted
|
||||
# context (commit messages, PR titles, issue bodies) into shell commands.
|
||||
# All ${{ ... }} references live in with: / env: blocks, which are
|
||||
# safely passed as strings rather than evaluated as shell.
|
||||
|
||||
name: Release
|
||||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- "v*"
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
packages: write
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: "1.26"
|
||||
|
||||
- name: Setup QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Setup Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Login to GHCR
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Test
|
||||
run: go test ./...
|
||||
|
||||
- name: GoReleaser
|
||||
uses: goreleaser/goreleaser-action@v6
|
||||
with:
|
||||
version: latest
|
||||
args: release --clean
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
@@ -1,41 +0,0 @@
|
||||
# Release pipeline — runs when a vX.Y.Z tag is pushed.
|
||||
#
|
||||
# Builds gnoma via GoReleaser:
|
||||
# - static binaries for linux/darwin/windows × amd64/arm64
|
||||
# - archives + checksums + changelog uploaded to the GitHub mirror's
|
||||
# releases page (via the GoReleaser github backend in .goreleaser.yml)
|
||||
# - multi-arch container images pushed to ghcr.io/vikingowl91/gnoma
|
||||
#
|
||||
# Secrets required (set in Woodpecker repo settings):
|
||||
# github_token GitHub PAT with `repo` + `write:packages` scopes.
|
||||
# Used for both the release upload and the ghcr.io
|
||||
# image push.
|
||||
#
|
||||
# Runner requirements:
|
||||
# - Docker socket access (mounted via volumes below).
|
||||
# - QEMU registered on the host for arm64 cross-builds. One-time:
|
||||
# docker run --privileged --rm tonistiigi/binfmt --install all
|
||||
# If your Woodpecker host doesn't have it and you can't grant
|
||||
# privileged, drop arm64 from .goreleaser.yml or run releases
|
||||
# manually until a runner with QEMU is available.
|
||||
|
||||
when:
|
||||
- event: tag
|
||||
ref: refs/tags/v*
|
||||
|
||||
steps:
|
||||
- name: test
|
||||
image: golang:1.26
|
||||
commands:
|
||||
- go test ./...
|
||||
|
||||
- name: release
|
||||
image: goreleaser/goreleaser:latest
|
||||
environment:
|
||||
GITHUB_TOKEN:
|
||||
from_secret: github_token
|
||||
commands:
|
||||
- echo "$GITHUB_TOKEN" | docker login ghcr.io -u VikingOwl91 --password-stdin
|
||||
- goreleaser release --clean
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
Reference in New Issue
Block a user