diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8316602..e625e89 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,21 +37,25 @@ jobs: - goreleaser - goreleaser-pro steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - name: Set up Go + - + name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: stable - - name: Check + - + name: Check uses: ./ with: version: ${{ matrix.version }} args: check --verbose workdir: ./test - - name: GoReleaser + - + name: GoReleaser if: ${{ !(github.event_name == 'pull_request' && matrix.distribution == 'goreleaser-pro') }} uses: ./ env: @@ -77,25 +81,30 @@ jobs: - true - false steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - name: Set up Go + - + name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: 1.18 - - name: Install cosign + - + name: Install cosign if: matrix.cosign - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1 - - name: GoReleaser + uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 + - + name: GoReleaser if: ${{ !(github.event_name == 'pull_request' && matrix.distribution == 'goreleaser-pro') }} uses: ./ with: distribution: ${{ matrix.distribution }} version: ${{ matrix.version }} install-only: true - - name: Check + - + name: Check if: ${{ !(github.event_name == 'pull_request' && matrix.distribution == 'goreleaser-pro') }} run: | goreleaser check --verbose @@ -111,21 +120,25 @@ jobs: - macos-latest - windows-latest steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - name: Set up Go + - + name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: 1.18 - - name: Import GPG key + - + name: Import GPG key id: import_gpg uses: crazy-max/ghaction-import-gpg@2dc316deee8e90f13e1a351ab510b4d5bc0c82cd # v7.0.0 with: gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY_TEST }} passphrase: ${{ secrets.PASSPHRASE_TEST }} - - name: Check + - + name: Check uses: ./ with: version: latest @@ -133,7 +146,8 @@ jobs: workdir: ./test env: GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} - - name: GoReleaser + - + name: GoReleaser uses: ./ with: version: latest @@ -145,26 +159,31 @@ jobs: upload-artifact: runs-on: ubuntu-latest steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - name: Set up Go + - + name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: 1.18 - - name: Check + - + name: Check uses: ./ with: args: check --verbose workdir: ./test - - name: GoReleaser + - + name: GoReleaser uses: ./ with: args: release --skip=publish --clean --snapshot workdir: ./test - - name: Upload assets - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 + - + name: Upload assets + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: myapp path: ./test/dist/* @@ -172,20 +191,24 @@ jobs: dist: runs-on: ubuntu-latest steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - name: Set up Go + - + name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: 1.18 - - name: GoReleaser + - + name: GoReleaser uses: ./ with: args: release --config .goreleaser-dist.yml --skip=publish --clean --snapshot workdir: ./test - - name: Check dist + - + name: Check dist run: | tree -nh ./test/_output @@ -202,15 +225,18 @@ jobs: - goreleaser-pro - goreleaser steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - name: Set up Go + - + name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: 1.18 - - name: GoReleaser + - + name: GoReleaser uses: ./ with: install-only: true @@ -218,8 +244,10 @@ jobs: version: nightly env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Check + - + name: Check run: | goreleaser check -f ./test/.goreleaser.yml goreleaser --version goreleaser --version | grep nightly + diff --git a/.github/workflows/release-major-tag.yml b/.github/workflows/release-major-tag.yml index 457f18b..6de2bf9 100644 --- a/.github/workflows/release-major-tag.yml +++ b/.github/workflows/release-major-tag.yml @@ -28,15 +28,19 @@ jobs: tag: runs-on: ubuntu-latest steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - name: Git config + - + name: Git config run: | git config user.name "github-actions[bot]" git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - - name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }} + - + name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }} run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }} - - name: Push + - + name: Push run: git push origin ${{ github.event.inputs.major_version }} --force diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 08f1c68..40a6a53 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,24 +19,30 @@ jobs: test: runs-on: ubuntu-latest steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - name: Setup Node.js - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 + - + name: Setup Node.js + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0 with: node-version-file: '.node-version' cache: npm - - name: Install cosign - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1 - - name: Install dependencies + - + name: Install cosign + uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 + - + name: Install dependencies run: npm ci - - name: Test + - + name: Test run: npm test env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Upload coverage + - + name: Upload coverage uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 with: files: ./coverage/clover.xml diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 3ef7ea5..92692c3 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -19,35 +19,45 @@ jobs: lint: runs-on: ubuntu-latest steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Setup Node.js - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 + - + name: Setup Node.js + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0 with: node-version-file: '.node-version' cache: npm - - name: Install dependencies + - + name: Install dependencies run: npm ci - - name: Format check + - + name: Format check run: npm run format-check - - name: Lint + - + name: Lint run: npm run lint build: runs-on: ubuntu-latest steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Setup Node.js - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.0.0 + - + name: Setup Node.js + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0 with: node-version-file: '.node-version' cache: npm - - name: Install dependencies + - + name: Install dependencies run: npm ci --ignore-scripts - - name: Rebuild dist + - + name: Rebuild dist run: npm run build - - name: Compare dist + - + name: Compare dist id: diff run: | if [ "$(git diff --ignore-space-at-eol dist | wc -l)" -gt "0" ]; then @@ -55,9 +65,10 @@ jobs: git diff dist exit 1 fi - - name: Upload built dist on failure + - + name: Upload built dist on failure if: ${{ failure() && steps.diff.conclusion == 'failure' }} - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: dist path: dist @@ -65,16 +76,20 @@ jobs: vendor: runs-on: ubuntu-latest steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - name: Setup Node.js - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.0.0 + - + name: Setup Node.js + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0 with: node-version-file: '.node-version' cache: npm - - name: Refresh package-lock.json + - + name: Refresh package-lock.json run: npm install --package-lock-only - - name: Compare package-lock.json + - + name: Compare package-lock.json run: | if [ -n "$(git status --porcelain -- package-lock.json)" ]; then echo "package-lock.json is out of sync with package.json. Run 'npm install' and commit." >&2