release_godon_cli #1
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Godon CLI | |
| on: | |
| release: | |
| types: [published] | |
| permissions: | |
| contents: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Nix | |
| uses: cachix/install-nix-action@v25 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-25.11 | |
| extra_nix_config: | | |
| sandbox = false | |
| sandbox-paths = /etc/ssl/certs/ca-bundle.crt | |
| experimental-features = nix-command flakes | |
| - name: Configure Nix daemon SSL certificates | |
| run: | | |
| # Find and symlink SSL certificates for Nix daemon | |
| sudo mkdir -p /etc/ssl/certs | |
| CERT_BUNDLE=$(find /nix/store -name "ca-bundle.crt" | head -1) | |
| echo "Found certificate bundle: $CERT_BUNDLE" | |
| sudo ln -sf "$CERT_BUNDLE" /etc/ssl/certs/ca-bundle.crt | |
| sudo ln -sf "$CERT_BUNDLE" /etc/ssl/certs/ca-certificates.crt | |
| # Set environment variables for this session | |
| export SSL_CERT_FILE="/etc/ssl/certs/ca-bundle.crt" | |
| export NIX_SSL_CERT_FILE="/etc/ssl/certs/ca-bundle.crt" | |
| export CURL_CA_BUNDLE="/etc/ssl/certs/ca-bundle.crt" | |
| # Add to nix.conf for daemon | |
| echo "ssl-cert-file = /etc/ssl/certs/ca-bundle.crt" | sudo tee -a /etc/nix/nix.conf | |
| echo "SSL certificates configured for Nix daemon" | |
| - name: Extract version from release | |
| id: version | |
| run: | | |
| # Extract version from release tag (e.g., refs/tags/1.0.0 -> 1.0.0) | |
| VERSION="${{ github.ref_name }}" | |
| echo "VERSION=$VERSION" >> $GITHUB_OUTPUT | |
| # Validate semver format | |
| if [[ ! $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9\-\.]+)?(\+[a-zA-Z0-9\-\.]+)?$ ]]; then | |
| echo "Error: Release tag must be in semantic versioning format (e.g., 1.0.0, 2.1.3, 1.0.0-alpha.1)" | |
| exit 1 | |
| fi | |
| echo "Building version: $VERSION" | |
| - name: Build binary | |
| run: | | |
| export SSL_CERT_FILE="/etc/ssl/certs/ca-bundle.crt" | |
| export NIX_SSL_CERT_FILE="/etc/ssl/certs/ca-bundle.crt" | |
| export CURL_CA_BUNDLE="/etc/ssl/certs/ca-bundle.crt" | |
| # Build with version from release tag | |
| nix --experimental-features "nix-command flakes" build .#godon-cli-custom-${{ steps.version.outputs.VERSION }} | |
| - name: Prepare release assets | |
| run: | | |
| # Get the build output path | |
| OUTPUT_PATH=$(nix --experimental-features "nix-command flakes" path-info .#godon-cli-custom-${{ steps.version.outputs.VERSION }}) | |
| # Create release directory | |
| mkdir -p release | |
| # Copy binary with original name inside archive | |
| cp "$OUTPUT_PATH/bin/godon_cli" "release/godon_cli" | |
| # Create compressed archive | |
| cd release | |
| tar -czf "../godon-cli-${{ steps.version.outputs.VERSION }}-x86_64-linux.tar.gz" "godon_cli" | |
| cd .. | |
| echo "Created release asset: godon-cli-${{ steps.version.outputs.VERSION }}-x86_64-linux.tar.gz" | |
| - name: Upload release assets | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: | | |
| godon-cli-*.tar.gz | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |