Release v0.1.0 #3
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| permissions: | |
| contents: write | |
| packages: write | |
| jobs: | |
| # Run the same checks as CI before releasing | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.24' | |
| cache: true | |
| cache-dependency-path: go.sum | |
| - name: Verify dependencies | |
| run: | | |
| go mod verify | |
| go mod tidy | |
| git diff --exit-code | |
| - name: Run tests | |
| run: go test -race -v ./... | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.24' | |
| cache: true | |
| cache-dependency-path: go.sum | |
| - name: Run golangci-lint | |
| uses: golangci/golangci-lint-action@v8 | |
| with: | |
| version: latest | |
| args: --timeout=5m | |
| security: | |
| name: Security | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.24' | |
| cache: true | |
| cache-dependency-path: go.sum | |
| - name: Run govulncheck | |
| run: | | |
| go install golang.org/x/vuln/cmd/govulncheck@latest | |
| govulncheck ./... | |
| goreleaser: | |
| name: GoReleaser | |
| runs-on: ubuntu-latest | |
| needs: [test, lint, security] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.24' | |
| cache: true | |
| cache-dependency-path: go.sum | |
| - name: Validate tag format | |
| run: | | |
| TAG=${GITHUB_REF#refs/tags/} | |
| echo "Release tag: $TAG" | |
| # Validate tag format (should be v*.*.* or similar) | |
| if [[ ! "$TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9]+)*$ ]]; then | |
| echo "❌ Invalid tag format: $TAG" | |
| echo "Expected format: v1.2.3 or v1.2.3-rc1" | |
| exit 1 | |
| fi | |
| echo "✅ Tag format is valid: $TAG" | |
| - name: Check VERSION file consistency | |
| run: | | |
| TAG=${GITHUB_REF#refs/tags/} | |
| VERSION_FROM_FILE=$(cat VERSION) | |
| VERSION_FROM_TAG=${TAG#v} | |
| echo "Tag version: $VERSION_FROM_TAG" | |
| echo "VERSION file: $VERSION_FROM_FILE" | |
| # Allow some flexibility for pre-release tags | |
| if [[ "$VERSION_FROM_TAG" =~ ^([0-9]+\.[0-9]+\.[0-9]+) ]]; then | |
| MAJOR_VERSION=${BASH_REMATCH[1]} | |
| if [[ "$VERSION_FROM_FILE" != "$MAJOR_VERSION" ]]; then | |
| echo "⚠️ Warning: VERSION file ($VERSION_FROM_FILE) doesn't match tag version ($MAJOR_VERSION)" | |
| echo "This is acceptable for pre-release tags, but should be updated for final releases." | |
| else | |
| echo "✅ VERSION file matches tag version" | |
| fi | |
| fi | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@v6 | |
| with: | |
| distribution: goreleaser | |
| version: '~> v2' | |
| args: release --clean | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload release artifacts | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: release-artifacts | |
| path: | | |
| dist/*.tar.gz | |
| dist/*.zip | |
| dist/checksums.txt | |
| retention-days: 30 | |
| post-release: | |
| name: Post-Release Validation | |
| runs-on: ubuntu-latest | |
| needs: [goreleaser] | |
| if: always() && needs.goreleaser.result == 'success' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Verify release was created | |
| run: | | |
| TAG=${GITHUB_REF#refs/tags/} | |
| echo "Checking if release $TAG was created..." | |
| # Wait a moment for the release to be fully processed | |
| sleep 10 | |
| # Check if release exists using GitHub CLI | |
| if gh release view "$TAG" --json tagName,isDraft,isPrerelease; then | |
| echo "✅ Release $TAG was successfully created" | |
| # List release assets | |
| echo "📦 Release assets:" | |
| gh release view "$TAG" --json assets --jq '.assets[].name' | sort | |
| else | |
| echo "❌ Release $TAG was not found" | |
| exit 1 | |
| fi | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| notify: | |
| name: Notify | |
| runs-on: ubuntu-latest | |
| needs: [test, lint, security, goreleaser, post-release] | |
| if: always() | |
| steps: | |
| - name: Release Status | |
| run: | | |
| TAG=${GITHUB_REF#refs/tags/} | |
| if [ "${{ needs.test.result }}" = "success" ] && \ | |
| [ "${{ needs.lint.result }}" = "success" ] && \ | |
| [ "${{ needs.security.result }}" = "success" ] && \ | |
| [ "${{ needs.goreleaser.result }}" = "success" ] && \ | |
| [ "${{ needs.post-release.result }}" = "success" ]; then | |
| echo "🎉 Release $TAG completed successfully!" | |
| echo "📦 Binaries are available at: https://github.com/orien/stackaroo/releases/tag/$TAG" | |
| echo "" | |
| echo "Installation instructions:" | |
| echo "- Download from GitHub releases" | |
| echo "- Or use: go install github.com/orien/stackaroo@$TAG" | |
| else | |
| echo "❌ Release $TAG failed" | |
| echo "Test: ${{ needs.test.result }}" | |
| echo "Lint: ${{ needs.lint.result }}" | |
| echo "Security: ${{ needs.security.result }}" | |
| echo "GoReleaser: ${{ needs.goreleaser.result }}" | |
| echo "Post-Release: ${{ needs.post-release.result }}" | |
| exit 1 | |
| fi |