From 55b8b6029317efbb880657f475642e8d9d161d7c Mon Sep 17 00:00:00 2001 From: Andy Mills Date: Thu, 3 Oct 2024 20:10:10 +0000 Subject: [PATCH 1/3] feat: add brew install for lula --- .github/workflows/release.yaml | 12 +++++++++++- .goreleaser.yaml | 35 ++++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 194c91fc..fd8759dc 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -92,12 +92,22 @@ jobs: name: build-artifacts path: bin/ + - name: Get Brew tap repo token + id: brew-tap-token + uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + with: + app-id: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_ID }} + private-key: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_SECRET }} + owner: defenseunicorns + repositories: homebrew-tap + # Create the GitHub release notes - name: Run GoReleaser uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 with: distribution: goreleaser version: latest - args: release --clean --verbose + args: release --clean --verbose --config .goreleaser.yaml env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}} + HOMEBREW_TAP_GITHUB_TOKEN: ${{ steps.brew-tap-token.outputs.token }} diff --git a/.goreleaser.yaml b/.goreleaser.yaml index adb5fe51..5ac2e9f2 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -42,6 +42,41 @@ snapshot: changelog: use: github-native +brews: + - name: lula + repository: + owner: defenseunicorns + name: homebrew-tap + token: "{{ .Env.HOMEBREW_TAP_GITHUB_TOKEN }}" + branch: "{{ .ProjectName }}-{{ .Tag }}" + pull_request: + enabled: true + base: + branch: main + owner: defenseunicorns + name: homebrew-tap + commit_msg_template: "Brew formula update for {{ .ProjectName }} version {{ .Tag }}" + homepage: "https://github.com/defenseunicorns/lula" + description: "The Compliance Validator" + + # NOTE: We are using .Version instead of .Tag because homebrew has weird semver parsing rules and won't be able to + # install versioned releases that has a `v` character before the version number. + - name: "lula@{{ .Version }}" + repository: + owner: defenseunicorns + name: homebrew-tap + token: "{{ .Env.HOMEBREW_TAP_GITHUB_TOKEN }}" + branch: "{{ .ProjectName }}-{{ .Tag }}" + pull_request: + enabled: true + base: + branch: main + owner: defenseunicorns + name: homebrew-tap + commit_msg_template: "Brew formula update for {{ .ProjectName }} versioned release {{ .Tag }}" + homepage: "https://github.com/defenseunicorns/lula" + description: "The Compliance Validator" + # Generate a GitHub release and publish the release for the tag release: github: From 57a50bcba0e23e8b0fbd3c05a7d6e8dcc3918acd Mon Sep 17 00:00:00 2001 From: Andy Mills Date: Fri, 4 Oct 2024 19:16:01 +0000 Subject: [PATCH 2/3] update release doc, fix goreleaser.yaml, add goreleaser check action --- .github/workflows/goreleaser-check.yaml | 29 +++++++++++++++++++ .goreleaser.yaml | 8 +++-- .../release-process.md | 7 +++-- 3 files changed, 39 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/goreleaser-check.yaml diff --git a/.github/workflows/goreleaser-check.yaml b/.github/workflows/goreleaser-check.yaml new file mode 100644 index 00000000..2a79f384 --- /dev/null +++ b/.github/workflows/goreleaser-check.yaml @@ -0,0 +1,29 @@ +name: GoReleaser Check + +on: + push: + paths: + - '.goreleaser.yaml' + pull_request: + paths: + - '.goreleaser.yaml' + +jobs: + goreleaser: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + with: + fetch-depth: 0 + + - name: Setup golang + uses: ./.github/actions/golang + + - name: Install GoReleaser + uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 + with: + install-only: true + + - name: Run GoReleaser Check + run: goreleaser check diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 5ac2e9f2..562c5824 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -1,3 +1,5 @@ +version: 2 + before: hooks: - go mod tidy @@ -36,7 +38,7 @@ sboms: - "sbom_{{ .ProjectName }}_{{ .Tag }}_{{- title .Os }}_{{ .Arch }}.sbom" snapshot: - name_template: "{{ incpatch .Version }}-snapshot" + version_template: "{{ incpatch .Version }}-snapshot" # Use the auto-generated changelog github provides changelog: @@ -56,7 +58,7 @@ brews: owner: defenseunicorns name: homebrew-tap commit_msg_template: "Brew formula update for {{ .ProjectName }} version {{ .Tag }}" - homepage: "https://github.com/defenseunicorns/lula" + homepage: "https://lula.dev" description: "The Compliance Validator" # NOTE: We are using .Version instead of .Tag because homebrew has weird semver parsing rules and won't be able to @@ -74,7 +76,7 @@ brews: owner: defenseunicorns name: homebrew-tap commit_msg_template: "Brew formula update for {{ .ProjectName }} versioned release {{ .Tag }}" - homepage: "https://github.com/defenseunicorns/lula" + homepage: "https://lula.dev" description: "The Compliance Validator" # Generate a GitHub release and publish the release for the tag diff --git a/docs/community-and-contribution/release-process.md b/docs/community-and-contribution/release-process.md index afcced8f..0d89ed1d 100644 --- a/docs/community-and-contribution/release-process.md +++ b/docs/community-and-contribution/release-process.md @@ -20,7 +20,8 @@ The most important prefixes you should have in mind are: ### How can I influence the version number for a release? -PR titles should also follow this pattern and are linted using [commitlint](https://commitlint.js.org/). The PR title will determine the version bump. When a PR is merged (squashed) release-please will kick off a release PR. When that release PR is approved and merged, release-please will create a draft release. Once that draft release is published go-releaser with build and publish the assets. +PR titles should also follow this pattern and are linted using [commitlint](https://commitlint.js.org/). The PR title will determine the version bump. When a PR is merged (squashed) release-please will kick off a release PR. When that release PR is approved and merged, release-please will create a draft release. Once that draft release is published go-releaser with build and publish the assets,including creating a release in our Homebrew tap repository: [https://github.com/defenseunicorns/homebrew-tap](https://github.com/defenseunicorns/homebrew-tap) + - Pre-v1.0.0 release-please is configured to bump minors on breaking changes and patches otherwise. per [release-please-config](https://github.com/defenseunicorns/lula/blob/main/release-please-config.json) ### How do I fix a release issue? @@ -42,8 +43,10 @@ The CHANGELOG is not required to be updated, only the release notes must be upda #### Other issues and helpful tips -- Confirm that the goreleaser configuration is valid by using the [goreleaser cli](https://goreleaser.com/cmd/goreleaser_check/?h=valid) +- Manual approach: Confirm that the goreleaser configuration is valid by using the [goreleaser cli](https://goreleaser.com/cmd/goreleaser_check/?h=valid). ```sh goreleaser check .goreleaser.yaml [flags] ``` + +- Automated approach: On Push and Pull Request the [GoReleaserGitHub Action Workflow](./github/workflows/goreleaser-check.yaml) will run the `goreleaser check` command From 88c9f64749d5c09c2c1b8eb72dd6ea4b7827e15f Mon Sep 17 00:00:00 2001 From: Andy Mills Date: Mon, 7 Oct 2024 14:09:38 +0000 Subject: [PATCH 3/3] fix markdown spacing --- docs/community-and-contribution/release-process.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/community-and-contribution/release-process.md b/docs/community-and-contribution/release-process.md index 0d89ed1d..c9da4204 100644 --- a/docs/community-and-contribution/release-process.md +++ b/docs/community-and-contribution/release-process.md @@ -20,7 +20,7 @@ The most important prefixes you should have in mind are: ### How can I influence the version number for a release? -PR titles should also follow this pattern and are linted using [commitlint](https://commitlint.js.org/). The PR title will determine the version bump. When a PR is merged (squashed) release-please will kick off a release PR. When that release PR is approved and merged, release-please will create a draft release. Once that draft release is published go-releaser with build and publish the assets,including creating a release in our Homebrew tap repository: [https://github.com/defenseunicorns/homebrew-tap](https://github.com/defenseunicorns/homebrew-tap) +PR titles should also follow this pattern and are linted using [commitlint](https://commitlint.js.org/). The PR title will determine the version bump. When a PR is merged (squashed) release-please will kick off a release PR. When that release PR is approved and merged, release-please will create a draft release. Once that draft release is published go-releaser with build and publish the assets, including creating a release in our Homebrew tap repository: [https://github.com/defenseunicorns/homebrew-tap](https://github.com/defenseunicorns/homebrew-tap) - Pre-v1.0.0 release-please is configured to bump minors on breaking changes and patches otherwise. per [release-please-config](https://github.com/defenseunicorns/lula/blob/main/release-please-config.json)