fix(build): add CGO build tags to Dolt storage for cross-compilation #92
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| workflow_dispatch: | |
| concurrency: | |
| group: release-${{ github.ref }} | |
| cancel-in-progress: false | |
| permissions: | |
| contents: write | |
| jobs: | |
| goreleaser: | |
| # Guard: only run goreleaser in the canonical repository (not in forks) | |
| if: ${{ github.repository == 'steveyegge/beads' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Install cross-compilation toolchains and signing tools | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc-mingw-w64-x86-64 gcc-aarch64-linux-gnu osslsigncode | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@v6 | |
| with: | |
| distribution: goreleaser | |
| version: '~> v2' | |
| args: > | |
| release --clean | |
| ${{ github.repository != 'steveyegge/beads' && '--skip=publish --skip=announce' || '' }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Windows code signing (optional - signing is skipped if not set) | |
| WINDOWS_SIGNING_CERT_PFX_BASE64: ${{ secrets.WINDOWS_SIGNING_CERT_PFX_BASE64 }} | |
| WINDOWS_SIGNING_CERT_PASSWORD: ${{ secrets.WINDOWS_SIGNING_CERT_PASSWORD }} | |
| publish-pypi: | |
| runs-on: ubuntu-latest | |
| needs: goreleaser | |
| if: ${{ always() && github.repository == 'steveyegge/beads' }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: '3.11' | |
| - name: Install uv | |
| run: pip install uv | |
| - name: Build package | |
| run: | | |
| cd integrations/beads-mcp | |
| uv build | |
| - name: Publish to PyPI | |
| env: | |
| TWINE_USERNAME: __token__ | |
| TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | |
| run: | | |
| cd integrations/beads-mcp | |
| uv tool run twine upload dist/* | |
| publish-npm: | |
| runs-on: ubuntu-latest | |
| needs: goreleaser | |
| if: ${{ github.repository == 'steveyegge/beads' }} | |
| permissions: | |
| contents: read | |
| id-token: write # Required for npm provenance/trusted publishing | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: '22' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Update npm for OIDC trusted publishing | |
| run: npm install -g npm@latest # Requires npm >= 11.5.1 for trusted publishing | |
| - name: Publish to npm | |
| run: | | |
| cd npm-package | |
| npm publish --access public | |
| # Uses OIDC trusted publishing - no token needed | |
| # Provenance attestations are automatic with trusted publishing | |
| update-homebrew: | |
| runs-on: ubuntu-latest | |
| needs: goreleaser | |
| if: ${{ github.repository == 'steveyegge/beads' }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get release info | |
| id: release | |
| run: | | |
| TAG="${GITHUB_REF#refs/tags/}" | |
| echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
| echo "version=${TAG#v}" >> $GITHUB_OUTPUT | |
| - name: Download checksums | |
| run: | | |
| curl -sL "https://github.com/steveyegge/beads/releases/download/${{ steps.release.outputs.tag }}/checksums.txt" -o checksums.txt | |
| - name: Extract checksums | |
| id: checksums | |
| run: | | |
| echo "darwin_amd64=$(grep 'darwin_amd64.tar.gz' checksums.txt | awk '{print $1}')" >> $GITHUB_OUTPUT | |
| echo "darwin_arm64=$(grep 'darwin_arm64.tar.gz' checksums.txt | awk '{print $1}')" >> $GITHUB_OUTPUT | |
| echo "linux_amd64=$(grep 'linux_amd64.tar.gz' checksums.txt | awk '{print $1}')" >> $GITHUB_OUTPUT | |
| echo "linux_arm64=$(grep 'linux_arm64.tar.gz' checksums.txt | awk '{print $1}')" >> $GITHUB_OUTPUT | |
| - name: Update Homebrew formula | |
| run: | | |
| mkdir -p Formula | |
| cat > Formula/bd.rb <<'EOF' | |
| class Bd < Formula | |
| desc "AI-supervised issue tracker for coding workflows" | |
| homepage "https://github.com/steveyegge/beads" | |
| version "${{ steps.release.outputs.version }}" | |
| license "MIT" | |
| on_macos do | |
| if Hardware::CPU.arm? | |
| url "https://github.com/steveyegge/beads/releases/download/v#{version}/beads_#{version}_darwin_arm64.tar.gz" | |
| sha256 "${{ steps.checksums.outputs.darwin_arm64 }}" | |
| else | |
| url "https://github.com/steveyegge/beads/releases/download/v#{version}/beads_#{version}_darwin_amd64.tar.gz" | |
| sha256 "${{ steps.checksums.outputs.darwin_amd64 }}" | |
| end | |
| end | |
| on_linux do | |
| if Hardware::CPU.arm? && Hardware::CPU.is_64_bit? | |
| url "https://github.com/steveyegge/beads/releases/download/v#{version}/beads_#{version}_linux_arm64.tar.gz" | |
| sha256 "${{ steps.checksums.outputs.linux_arm64 }}" | |
| else | |
| url "https://github.com/steveyegge/beads/releases/download/v#{version}/beads_#{version}_linux_amd64.tar.gz" | |
| sha256 "${{ steps.checksums.outputs.linux_amd64 }}" | |
| end | |
| end | |
| def install | |
| bin.install "bd" | |
| end | |
| test do | |
| system "#{bin}/bd", "version" | |
| end | |
| end | |
| EOF | |