From ffc08b35ac61911a87be94f594957aeddddda57f Mon Sep 17 00:00:00 2001
From: Radek Simko <radek.simko@gmail.com>
Date: Thu, 14 May 2020 10:05:27 +0100
Subject: [PATCH] build: Publish artifacts to releases.hashicorp.com

---
 .github/workflows/main.yml | 21 +++++++++++++++++++++
 .goreleaser.yml            |  9 +++++++++
 2 files changed, 30 insertions(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index af42db232..4674aed17 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -29,6 +29,19 @@ jobs:
         id: codesign
         env:
           VERSION: v0
+      -
+        name: Install hc-releases
+        run: |
+          DOWNLOAD_URL=$(curl -SsL \
+            -H "Authorization: token ${{ secrets.CODESIGN_GITHUB_TOKEN }}" \
+            -H "Accept: application/vnd.github.v3+json" \
+            https://api.github.com/repos/hashicorp/hc-releases/releases/latest \
+            | jq -r '.assets[] | select(.name | contains("linux_amd64.tgz")) | .url')
+          curl -SsL -o /tmp/hc-releases.tgz \
+            -H "Authorization: token ${{ secrets.CODESIGN_GITHUB_TOKEN }}" \
+            -H "Accept: application/octet-stream" ${DOWNLOAD_URL}
+          tar xzf /tmp/hc-releases.tgz
+          sudo mv hc-releases /usr/bin/hc-releases
       -
         name: Import PGP key for archive signing
         run: echo -e "${{ secrets.PGP_SIGNING_KEY }}" | gpg --import
@@ -40,8 +53,16 @@ jobs:
           args: release
         env:
           PGP_USER_ID: ${{ secrets.PGP_USER_ID }}
+          RELEASE_AWS_ACCESS_KEY_ID: ${{ secrets.RELEASE_AWS_ACCESS_KEY_ID }}
+          RELEASE_AWS_SECRET_ACCESS_KEY: ${{ secrets.RELEASE_AWS_SECRET_ACCESS_KEY }}
           CODESIGN_IMAGE: ${{ steps.codesign.outputs.image }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }}
           ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
           CIRCLE_TOKEN: ${{ secrets.CIRCLE_TOKEN }}
+      -
+        name: Publish released artifacts
+        run: hc-releases publish
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.RELEASE_AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.RELEASE_AWS_SECRET_ACCESS_KEY }}
diff --git a/.goreleaser.yml b/.goreleaser.yml
index 0b40f40e7..6c0152a6e 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -55,5 +55,14 @@ signs:
     args: ["-u", "{{ .Env.PGP_USER_ID }}", "--output", "${signature}", "--detach-sign", "${artifact}"]
     artifacts: checksum
 
+publishers:
+  - name: "hc-releases"
+    checksum: true
+    signature: true
+    cmd: hc-releases upload-file {{ abs .ArtifactPath }}
+    env:
+      - AWS_ACCESS_KEY_ID={{ .Env.RELEASE_AWS_ACCESS_KEY_ID }}
+      - AWS_SECRET_ACCESS_KEY={{ .Env.RELEASE_AWS_SECRET_ACCESS_KEY }}
+
 changelog:
   skip: true