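# Release pipeline: validates the GoReleaser config, builds and signs the
# provider, publishes it to the S3-backed registry and uploads the docs.
#
# NOTE(review): third-party actions are referenced by mutable major tags
# (`@v6`, `@v5`). This job handles the signing key and the publish
# credentials, so pin each `uses:` to a full commit SHA once the reviewed
# revisions are known.
name: Publish

run-name: Publish by @${{ github.actor }}

on:
  workflow_dispatch:
  push:
    tags:
      - 'v0.*'

env:
  GO_VERSION: "1.25"
  CODE_COVERAGE_FILE_NAME: "coverage.out" # must be the same as in Makefile
  CODE_COVERAGE_ARTIFACT_NAME: "code-coverage"

jobs:
  config:
    name: Check GoReleaser config
    # startsWith is stricter than contains: only real tag refs match.
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v6

      - name: Check GoReleaser
        uses: goreleaser/goreleaser-action@v6
        with:
          args: check

  publish:
    name: "Publish provider"
    # NOTE(review): this condition (and `needs: config`, which has the same
    # condition) skips the whole job on workflow_dispatch, so the SNAPSHOT
    # step below never runs as written. It is left that way on purpose:
    # widening the condition would also run the S3 publish and docs upload
    # for snapshot builds.
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
    needs: config
    runs-on: ubuntu-latest
    # Least privilege: no step in this job writes check runs or PR comments,
    # so the `checks: write` and `pull-requests: write` grants were dropped.
    permissions:
      actions: read # Required to identify workflow run.
      contents: read # Required to checkout repository.
    steps:
      - name: Install needed tools
        run: |
          apt-get -y -qq update
          apt-get -y -qq install jq python3 python3-pip python-is-python3 s3cmd git make wget

      # Checkout has to precede setup-go: `go-version-file` and
      # `cache-dependency-path` are resolved against the checked-out tree.
      - name: Checkout
        uses: actions/checkout@v6

      - name: Setup Go
        uses: actions/setup-go@v6
        with:
          # go-version: ${{ env.GO_VERSION }}
          go-version-file: 'go.mod'
          cache-dependency-path: "**/*.sum"

      # NOTE(review): `@latest` means the code generators that shape the
      # released provider can change between runs without review. Pin each
      # tool to a reviewed version (e.g. `@<PINNED_VERSION>`).
      - name: Install go tools
        run: |
          go install golang.org/x/tools/cmd/goimports@latest
          go install github.com/hashicorp/terraform-plugin-codegen-framework/cmd/tfplugingen-framework@latest
          go install github.com/hashicorp/terraform-plugin-codegen-openapi/cmd/tfplugingen-openapi@latest

      - name: Setup JAVA
        uses: actions/setup-java@v5
        with:
          distribution: 'temurin' # See 'Supported distributions' for available options
          java-version: '21'

      - name: Run build pkg directory
        run: |
          set -e
          mkdir -p generated/services
          mkdir -p generated/internal/services
          go run cmd/main.go build

      # Secrets reach the script through `env:` instead of being templated
      # into the shell text, so their content is never parsed as shell code.
      # TLS certificate verification is enabled: the access keys and the
      # published provider binaries travel over this connection.
      # NOTE(review): s3cmd documents the bucket placeholder as `%(bucket)s`;
      # confirm the `host_bucket` template below is intended.
      - name: Set up s3cfg
        env:
          S3_ACCESS_KEY: ${{ secrets.S3_ACCESS_KEY }}
          S3_SECRET_KEY: ${{ secrets.S3_SECRET_KEY }}
        run: |
          set -e
          umask 077
          cat <<EOF >> ~/.s3cfg
          [default]
          host_base = https://object.storage.eu01.onstackit.cloud
          host_bucket = https://%(bucket).object.storage.eu01.onstackit.cloud
          check_ssl_certificate = True
          access_key = ${S3_ACCESS_KEY}
          secret_key = ${S3_SECRET_KEY}
          EOF
          chmod 600 ~/.s3cfg

      # The private key is piped straight into gpg and never written to disk.
      - name: Import GPG key
        env:
          PRIVATE_KEY_PEM: ${{ secrets.PRIVATE_KEY_PEM }}
        run: |
          set -e
          printf '%s\n' "${PRIVATE_KEY_PEM}" | gpg --batch --import

      # Step ids must be unique within a job; both GoReleaser steps used
      # `goreleaser`, so the snapshot variant has its own id.
      # NOTE(review): `env.FORGEJO_TOKEN` is not defined in this file;
      # presumably the runner provides it - confirm.
      - name: Run GoReleaser with SNAPSHOT
        if: github.event_name == 'workflow_dispatch'
        id: goreleaser-snapshot
        env:
          GITHUB_TOKEN: ${{ env.FORGEJO_TOKEN }}
          GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }}
        uses: goreleaser/goreleaser-action@v6
        with:
          args: release --skip publish --clean --snapshot

      - name: Run GoReleaser
        if: github.event_name != 'workflow_dispatch'
        id: goreleaser
        env:
          GITHUB_TOKEN: ${{ env.FORGEJO_TOKEN }}
          GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }}
        uses: goreleaser/goreleaser-action@v6
        with:
          args: release --skip publish --clean

      - name: Prepare key file
        env:
          PUBLIC_KEY_PEM: ${{ secrets.PUBLIC_KEY_PEM }}
        run: |
          printf '%s\n' "${PUBLIC_KEY_PEM}" > public_key.pem

      - name: Prepare provider directory structure
        env:
          GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }}
        run: |
          set -e
          VERSION=$(jq -r .version < dist/metadata.json)
          go run cmd/main.go \
            publish \
            --namespace=mhenselin \
            --providerName=stackitprivatepreview \
            --repoName=terraform-provider-stackitprivatepreview \
            --domain=tfregistry.sysops.stackit.rocks \
            --gpgFingerprint="${GPG_FINGERPRINT}" \
            --gpgPubKeyFile=public_key.pem \
            --version="${VERSION}"

      - name: Publish provider to S3
        run: |
          set -e
          cd release/
          s3cmd put --recursive v1 s3://terraform-provider-privatepreview/
          s3cmd put --recursive .well-known s3://terraform-provider-privatepreview/

      # umask 077 creates the key file private from the start, instead of
      # leaving it readable until the chmod runs.
      - name: Import SSH key
        env:
          DOCS_UPLOAD_SSH_KEY: ${{ secrets.DOCS_UPLOAD_SSH_KEY }}
        run: |
          set -e
          umask 077
          mkdir -p ~/.ssh
          printf '%s\n' "${DOCS_UPLOAD_SSH_KEY}" > ~/.ssh/id_ed25519
          chmod 0600 ~/.ssh/id_ed25519

      # The tag name is controlled by whoever pushes the tag, and git allows
      # shell metacharacters in ref names; it is passed as an environment
      # variable and quoted rather than templated into the script.
      # NOTE(review): `StrictHostKeyChecking=no` turns off SSH host key
      # verification, so the runner cannot tell the docs server from an
      # impostor before it deletes and uploads files. Provision the server's
      # public host key into ~/.ssh/known_hosts (for example from a
      # repository variable) and then remove both `-o` options.
      - name: Upload docs via scp
        env:
          DOCS_SERVER_IP: ${{ vars.DOCS_SERVER_IP }}
          REF_NAME: ${{ github.ref_name }}
        run: |
          set -e
          ssh -o StrictHostKeyChecking=no "ubuntu@${DOCS_SERVER_IP}" 'rm -rf /srv/www/docs'
          printf '%s\n' "${REF_NAME}" > docs/_version.txt
          scp -o StrictHostKeyChecking=no -r docs "ubuntu@${DOCS_SERVER_IP}:/srv/www/"

      # Runs even after a failure so the upload key and the S3 credentials
      # do not linger on a reused runner.
      - name: Remove credentials from runner
        if: always()
        run: |
          rm -f ~/.ssh/id_ed25519 ~/.s3cfg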