1515 type : boolean
1616
1717env :
18- RUNNER_DEV_VERSION : " 0.9 .x"
18+ RUNNER_DEV_VERSION : " 0.11 .x"
1919 RUNNER_SERVER_VERSION : " 3.11.16"
2020jobs :
2121 build :
2828 #
2929 fail-fast : false
3030 matrix :
31- include :
31+ include : &buildVariants
3232 # go tool dist list -json to get the source
3333 - {GOOS: android, GOARCH: 386, TARGET: i686-linux-android }
3434 - {GOOS: android, GOARCH: amd64, TARGET: x86_64-linux-android }
7575 env :
7676 CGO_ENABLED : 0 # Only android should build with cgo
7777 steps :
78- - uses : actions/checkout@v4
79- with :
80- submodules : recursive
81- - name : Setup Go
78+ - uses : &checkout actions/checkout@v4
79+ - &setupgo
80+ name : Setup Go
8281 uses : actions/setup-go@v5
8382 with :
8483 go-version : " ${{ matrix.GOVERSION || vars.GOVERSION || '^1.16.0' }}"
@@ -148,14 +147,68 @@ jobs:
148147 name : bundle-${{matrix.GOOS}}-${{matrix.GOARCH}}${{matrix.GOARM}}
149148 path : |
150149 binary-${{matrix.GOOS}}-${{matrix.GOARCH}}${{matrix.GOARM}}.*
150+ create-vendor-archive :
151+ name : Create Archive with all dependencies
152+ runs-on : ubuntu-latest
153+ strategy :
154+ matrix :
155+ include :
156+ - buildVariants : *buildVariants
157+ steps :
158+ - uses : *checkout
159+ with :
160+ path : github-act-runner-full-src
161+ - *setupgo
162+ - name : Run go mod vendor for each target
163+ uses : actions/github-script@v7
164+ with :
165+ script : |
166+ const targets = ${{ tojson(matrix.buildVariants) }};
167+ for (const env of targets) {
168+ const envVars = {
169+ ...process.env,
170+ ...env
171+ };
172+ await exec.exec(`go`, ['env'], { env: envVars, cwd: './github-act-runner-full-src' });
173+ await exec.exec(`go`, ['mod', 'vendor'], { env: envVars, cwd: './github-act-runner-full-src' });
174+ }
175+ name : Package
176+ run : |
177+ zip -r ../github-act-runner-full-src.zip . -x ".git/*"
178+ tar --exclude=.git -czvf ../github-act-runner-full-src.tar.gz .
179+ working-directory : github-act-runner-full-src
180+ - name : Create Signed Provenance
181+ uses : actions/attest-build-provenance@v1
182+ id : attest
183+ if : ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.skip-packaging != 'true' }}
184+ with :
185+ subject-path : " github-act-runner-full-src.*"
186+ - name : Copy Signed Provenance to well known filepath
187+ if : ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.skip-packaging != 'true' }}
188+ run : |
189+ cp "$BUNDLE_PATH" github-act-runner-full-src.sigstore.json
190+ env :
191+ BUNDLE_PATH : ${{ steps.attest.outputs.bundle-path }}
192+ - name : Create Package Checksums
193+ if : ${{ github.event.inputs.skip-packaging != 'true' }}
194+ run : |
195+ sha512sum github-act-runner-full-src.zip > github-act-runner-full-src.zip.sha512
196+ sha512sum github-act-runner-full-src.tar.gz > github-act-runner-full-src.tar.gz.sha512
197+ uses : actions/upload-artifact@v4
198+ with :
199+ name : vendor
200+ path : |
201+ github-act-runner-full-src.*
151202
152203# ######################################
153204# ######### publish to github ##########
154205# ######################################
155206 publish-to-github :
156207 name : deploy to github
157208 runs-on : ubuntu-latest
158- needs : build
209+ needs :
210+ - build
211+ - create-vendor-archive
159212 if : ${{ github.event.inputs.skip-packaging != 'true' && github.event.inputs.version }}
160213 continue-on-error : true
161214 steps :
@@ -168,6 +221,7 @@ jobs:
168221 token : ${{ secrets.GITHUB_TOKEN }}
169222 tag : v${{ github.event.inputs.version }}
170223 commit : ${{ github.sha }}
224+ immutableCreate : true # Do not publish before uploading everything
171225 body : |
172226 # Changes
173227 ${{ fromJSON(github.event.inputs.changelog) || 'No changelog provided' }}
0 commit comments