diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 78443e78c..d3ea40906 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -52,19 +52,10 @@ jobs: name: Install signore uses: hashicorp/setup-signore-package@v1 - - uses: hashicorp/setup-hc-releases@v1 + name: Setup hc-releases + uses: hashicorp/actions-setup-hc-releases@v1 with: github-token: ${{ secrets.CODESIGN_GITHUB_TOKEN }} - - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.TERRAFORM_PROD_AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.TERRAFORM_PROD_AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 - role-to-assume: ${{ secrets.TERRAFORM_PROD_AWS_ROLE_TO_ASSUME }} - role-skip-session-tagging: true - role-duration-seconds: 3600 - name: Release uses: goreleaser/goreleaser-action@v2 @@ -72,6 +63,8 @@ jobs: version: latest args: release env: + HC_RELEASES_HOST_STAGING: ${{ secrets.HC_RELEASES_HOST_STAGING }} + HC_RELEASES_KEY_STAGING: ${{ secrets.HC_RELEASES_KEY_STAGING }} CODESIGN_IMAGE: ${{ steps.codesign.outputs.image }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} HOMEBREW_TAP_TOKEN: ${{ secrets.HOMEBREW_TAP_GITHUB_TOKEN }} @@ -82,7 +75,20 @@ jobs: SIGNORE_CLIENT_SECRET: ${{ secrets.SIGNORE_CLIENT_SECRET }} SIGNORE_SIGNER: ${{ secrets.SIGNORE_SIGNER }} - - name: Publish released artifacts - run: hc-releases publish -product=terraform-ls - env: - FASTLY_API_TOKEN: ${{ secrets.RELEASE_FASTLY_API_TOKEN }} + name: Create Release metadata + uses: hashicorp/actions-hc-releases-create-metadata@main + with: + private-tools-token: ${{ secrets.CODESIGN_GITHUB_TOKEN }} + product-name: "terraform-ls" + version: ${{ github.ref_name }} + hc-releases-host: ${{ secrets.HC_RELEASES_HOST_STAGING}} + hc-releases-key: ${{ secrets.HC_RELEASES_KEY_STAGING }} + - + name: Promote + uses: hashicorp/actions-hc-releases-promote@main + with: + product-name: "terraform-ls" + version: ${{ github.ref_name }} + hc-releases-host: ${{ secrets.HC_RELEASES_HOST_PROD }} + hc-releases-key: ${{ secrets.HC_RELEASES_KEY_PROD }} + hc-releases-source_env_key: ${{ secrets.HC_RELEASES_KEY_STAGING }} diff --git a/.goreleaser.yml b/.goreleaser.yml index d524b7fa6..f9fbaf3fe 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -110,20 +110,18 @@ brews: system "#{bin}/terraform-ls --version" publishers: - - name: "hc-releases" + - name: upload checksum: true signature: true env: - - AWS_DEFAULT_REGION={{ .Env.AWS_DEFAULT_REGION }} - - AWS_REGION={{ .Env.AWS_REGION }} - - AWS_ACCESS_KEY_ID={{ .Env.AWS_ACCESS_KEY_ID }} - - AWS_SECRET_ACCESS_KEY={{ .Env.AWS_SECRET_ACCESS_KEY }} - - AWS_SESSION_TOKEN={{ .Env.AWS_SESSION_TOKEN }} - cmd: hc-releases upload-file {{ abs .ArtifactPath }} - milestones: - name_template: "{{ .Tag }}" close: true + - HC_RELEASES_HOST={{ .Env.HC_RELEASES_HOST_STAGING }} + - HC_RELEASES_KEY={{ .Env.HC_RELEASES_KEY_STAGING }} + dir: "{{ dir .ArtifactPath }}" + cmd: | + hc-releases upload -file={{ .ArtifactName }} -product={{ .ProjectName }} -version={{ .Version }} release: prerelease: auto diff --git a/.release/release-metadata.hcl b/.release/release-metadata.hcl new file mode 100644 index 000000000..4b8d4399b --- /dev/null +++ b/.release/release-metadata.hcl @@ -0,0 +1,2 @@ +url_source_repository = "https://github/hashicorp/terraform-ls" +url_license = "https://github.com/hashicorp/terraform-ls/blob/main/LICENSE"