Skip to content

ci: separate out PR tests and run fuzzing and race in nightlies #2210

ci: separate out PR tests and run fuzzing and race in nightlies

ci: separate out PR tests and run fuzzing and race in nightlies #2210

Workflow file for this run

name: ci-release
# Run this workflow on push events (i.e. PR merge) to main or release branches,
# push events for new semantic version tags, all PRs, and manual triggers.
on:
push:
branches:
- main
- "v[0-9]+.x"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"
pull_request:
workflow_dispatch:
# Inputs the workflow accepts.
inputs:
version:
# Friendly description to be shown in the UI instead of 'name'
description: "Semver type of new version (major / minor / patch)"
# Input has to be provided for the workflow to run
required: true
type: choice
options:
- patch
- minor
- major
jobs:
lint:
uses: ./.github/workflows/lint.yml
markdown-linter:
uses: ./.github/workflows/markdown-linter.yml
test:
uses: ./.github/workflows/test.yml
# If this was a workflow dispatch event, we need to generate and push a tag
# for goreleaser to grab
version_bump:
needs: [lint, markdown-linter, test]
runs-on: ubuntu-latest
permissions: "write-all"
steps:
- uses: actions/checkout@v4
- name: Bump version and push tag
# Placing the if condition here is a workaround for needing to block
# on this step during workflow dispatch events but the step not
# needing to run on tags. If we had the if condition on the full
# version_bump section, it would skip and not run, which would result
# in goreleaser not running either.
if: ${{ github.event_name == 'workflow_dispatch' }}
uses: mathieudutour/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
default_bump: ${{ inputs.version }}
# Generate the release with goreleaser to include pre-built binaries
goreleaser:
needs: version_bump
runs-on: ubuntu-latest
if: |
github.event_name == 'workflow_dispatch' ||
(github.event_name == 'push' && contains(github.ref, 'refs/tags/'))
permissions: "write-all"
steps:
- uses: actions/checkout@v4
- run: git fetch --force --tags
- uses: actions/setup-go@v4
with:
go-version: 1.21.1
# Import the GPG key from Github secrets to sign the binaries
- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPG_SIGNING_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
# Generate the binaries, release, and sign the checksum
- uses: goreleaser/goreleaser-action@v5
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}