chore(deps): consolidate Renovate dependency updates (#65) #50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Edge Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: write | |
| id-token: write | |
| jobs: | |
| # test: | |
| # name: Run End-to-End Tests | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout code | |
| # uses: actions/checkout@v4 | |
| # | |
| # - name: Set up Go | |
| # uses: actions/setup-go@v5 | |
| # with: | |
| # go-version-file: go.mod | |
| # | |
| # - name: Verify Docker is available | |
| # run: | | |
| # docker --version | |
| # docker info | |
| # | |
| # - name: Authenticate to Google Cloud | |
| # uses: google-github-actions/auth@v2 | |
| # with: | |
| # credentials_json: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | |
| # | |
| # - name: Set up Cloud SDK | |
| # uses: google-github-actions/setup-gcloud@v2 | |
| # | |
| # - name: Install Bitwarden CLI | |
| # run: | | |
| # BW_DOWNLOAD_URL=$(curl -s https://api.github.com/repos/bitwarden/cli/releases/latest | grep '"browser_download_url".*linux.*zip' | head -1 | sed -E 's/.*"([^"]+)".*/\1/') | |
| # curl -L "${BW_DOWNLOAD_URL}" -o bw.zip | |
| # unzip -q bw.zip | |
| # chmod +x bw | |
| # sudo mv bw /usr/local/bin/ | |
| # rm bw.zip | |
| # bw --version | |
| # | |
| # - name: Run end-to-end tests | |
| # env: | |
| # CGO_LDFLAGS: -lm | |
| # GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} | |
| # SSTART_E2E_BITWARDEN_ORGANIZATION_ID: ${{ secrets.SSTART_E2E_BITWARDEN_ORGANIZATION_ID }} | |
| # BITWARDEN_SM_ACCESS_TOKEN: ${{ secrets.BITWARDEN_SM_ACCESS_TOKEN }} | |
| # BW_PASSWORD: ${{ secrets.BW_PASSWORD }} | |
| # BW_CLIENTSECRET: ${{ secrets.BW_CLIENTSECRET }} | |
| # BW_CLIENTID: ${{ secrets.BW_CLIENTID }} | |
| # OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| # OP_TEST_VAULT_NAME: ${{ secrets.OP_TEST_VAULT_NAME }} | |
| # SSTART_E2E_INFISICAL_PROJECT_ID: ${{ secrets.SSTART_E2E_INFISICAL_PROJECT_ID }} | |
| # SSTART_E2E_INFISICAL_ENVIRONMENT: ${{ secrets.SSTART_E2E_INFISICAL_ENVIRONMENT }} | |
| # INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET: ${{ secrets.INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET }} | |
| # INFISICAL_UNIVERSAL_AUTH_CLIENT_ID: ${{ secrets.INFISICAL_UNIVERSAL_AUTH_CLIENT_ID }} | |
| # INFISICAL_SITE_URL: ${{ secrets.INFISICAL_SITE_URL }} | |
| # run: go test -v ./tests/end2end/... | |
| build: | |
| name: Build Edge Snapshot | |
| # needs: test # Disabled: test job is disabled | |
| strategy: | |
| matrix: | |
| include: | |
| - build_id: sstart-linux-amd64 | |
| runner: ubuntu-latest | |
| goos: linux | |
| goarch: amd64 | |
| binary_name: sstart | |
| - build_id: sstart-linux-arm64 | |
| runner: ubuntu-latest | |
| goos: linux | |
| goarch: arm64 | |
| binary_name: sstart | |
| - build_id: sstart-darwin-amd64 | |
| runner: macos-latest | |
| goos: darwin | |
| goarch: amd64 | |
| binary_name: sstart | |
| - build_id: sstart-darwin-arm64 | |
| runner: macos-latest | |
| goos: darwin | |
| goarch: arm64 | |
| binary_name: sstart | |
| runs-on: ${{ matrix.runner }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install Linux ARM64 cross-compilation toolchain (Linux ARM64 only) | |
| if: matrix.goos == 'linux' && matrix.goarch == 'arm64' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu binutils-aarch64-linux-gnu | |
| echo "CC=aarch64-linux-gnu-gcc" >> $GITHUB_ENV | |
| echo "CXX=aarch64-linux-gnu-g++" >> $GITHUB_ENV | |
| echo "AR=aarch64-linux-gnu-ar" >> $GITHUB_ENV | |
| echo "AS=aarch64-linux-gnu-as" >> $GITHUB_ENV | |
| - name: Calculate version | |
| id: version | |
| uses: actions/github-script@v8 | |
| with: | |
| script: | | |
| const shortSha = context.sha.substring(0, 7); | |
| const edgeVersion = `edge+${shortSha}`; | |
| const buildDate = new Date().toISOString(); | |
| core.setOutput('version', edgeVersion); | |
| core.setOutput('date', buildDate); | |
| console.log(`Calculated version: ${edgeVersion}`); | |
| console.log(`Build date: ${buildDate}`); | |
| - name: Build binary | |
| env: | |
| CGO_ENABLED: 1 | |
| CGO_LDFLAGS: -lm | |
| GOOS: ${{ matrix.goos }} | |
| GOARCH: ${{ matrix.goarch }} | |
| run: | | |
| go build \ | |
| -ldflags="-s -w -X github.com/dirathea/sstart/internal/cli.version=${{ steps.version.outputs.version }} -X github.com/dirathea/sstart/internal/cli.commit=${{ github.sha }} -X github.com/dirathea/sstart/internal/cli.date=${{ steps.version.outputs.date }}" \ | |
| -o ${{ matrix.binary_name }} \ | |
| ./cmd/sstart | |
| - name: Prepare release archive | |
| run: | | |
| mkdir -p release | |
| # Use lowercase OS and arch names for the archive filename | |
| # Format: sstart-{VERSION}-{os}-{arch}.tar.gz | |
| OS_NAME="${{ matrix.goos }}" | |
| ARCH_NAME="${{ matrix.goarch }}" | |
| ARCHIVE_NAME="sstart-${{ steps.version.outputs.version }}-${OS_NAME}-${ARCH_NAME}" | |
| # Create temporary directory for archive contents | |
| TEMP_DIR=$(mktemp -d) | |
| # Copy binary to temp directory | |
| cp ${{ matrix.binary_name }} "${TEMP_DIR}/sstart" | |
| # Copy LICENSE and README if they exist | |
| cp LICENSE README.md "${TEMP_DIR}/" 2>/dev/null || true | |
| # Create archive with binary at root (not in a subdirectory) | |
| # Use -C to change into temp directory and archive contents directly | |
| tar -czf "release/${ARCHIVE_NAME}.tar.gz" -C "${TEMP_DIR}" . | |
| # Clean up | |
| rm -rf "${TEMP_DIR}" | |
| # Verify archive structure (binary should be at root) | |
| echo "Archive contents:" | |
| tar -tzf "release/${ARCHIVE_NAME}.tar.gz" | head -10 | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: release-${{ matrix.build_id }} | |
| path: release/* | |
| retention-days: 1 | |
| release: | |
| name: Publish Edge Release | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Calculate version | |
| id: version | |
| uses: actions/github-script@v8 | |
| with: | |
| script: | | |
| const shortSha = context.sha.substring(0, 7); | |
| const edgeVersion = `edge+${shortSha}`; | |
| core.setOutput('version', edgeVersion); | |
| core.setOutput('tag', edgeVersion); | |
| console.log(`Calculated version: ${edgeVersion}`); | |
| - name: Download all artifacts | |
| uses: actions/download-artifact@v7 | |
| with: | |
| path: artifacts | |
| - name: Prepare release assets | |
| run: | | |
| mkdir -p release | |
| # Copy all release archives from artifacts | |
| for dir in artifacts/release-*/; do | |
| if [ -d "$dir" ]; then | |
| echo "Copying from $dir" | |
| find "$dir" -type f \( -name "*.tar.gz" -o -name "*.zip" \) -exec cp {} release/ \; | |
| fi | |
| done | |
| # Create checksums | |
| cd release | |
| sha256sum * > checksums.txt | |
| echo "Release assets:" | |
| ls -la | |
| - name: Publish GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: ${{ steps.version.outputs.tag }} | |
| name: Edge Release ${{ steps.version.outputs.version }} | |
| body: | | |
| Edge release built from commit ${{ github.sha }} | |
| ## Assets | |
| - Pre-built binaries for Linux (amd64, arm64) and macOS (amd64, arm64) | |
| - Checksums file for verification | |
| files: release/* | |
| draft: false | |
| prerelease: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |