diff --git a/.github/workflows/auto-tag.yml b/.github/workflows/auto-tag.yml index d9a214c..1973f4f 100644 --- a/.github/workflows/auto-tag.yml +++ b/.github/workflows/auto-tag.yml @@ -13,16 +13,40 @@ on: permissions: write-all jobs: + pre_job: + runs-on: ubuntu-latest + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@v5.3.1 + with: + cancel_others: "true" + concurrent_skipping: "same_content" + auto-tag: - runs-on: ubuntu-22.04 + needs: pre_job + if: needs.pre_job.outputs.should_skip != 'true' + runs-on: ubuntu-latest timeout-minutes: 10 outputs: version: ${{ steps.get_latest_tag.outputs.version }} + concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 + - uses: actions/cache@v3 + with: + path: | + ~/.cache/git + key: ${{ runner.os }}-git-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-git- + - name: Get latest tag id: get_latest_tag run: | @@ -98,6 +122,14 @@ jobs: echo " - Version not empty: ${{ steps.get_latest_tag.outputs.version != '' }}" echo " - Current job status: ${{ job.status }}" + - name: Check workflow status + if: always() + run: | + if [[ "${{ job.status }}" == "failure" ]]; then + echo "::error::Auto-tag workflow failed" + exit 1 + fi + release: needs: auto-tag permissions: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5a346ee..098fe8e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,28 +29,14 @@ permissions: jobs: goreleaser: environment: production - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest timeout-minutes: 15 + concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true steps: - - name: Check Permissions - run: | - echo "Checking required permissions..." - TOKEN="${{ secrets.RELEASE_TOKEN }}" - if [ -z "$TOKEN" ]; then - echo "::error::RELEASE_TOKEN is not set" - exit 1 - fi - echo "Token permissions check passed" - - - name: Debug Workflow Trigger - run: | - echo "Event name: ${{ github.event_name }}" - echo "Ref: ${{ github.ref }}" - echo "Version input: ${{ inputs.version }}" - echo "Token exists: ${{ secrets.RELEASE_TOKEN != '' }}" - - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 lfs: true @@ -60,8 +46,18 @@ jobs: uses: actions/setup-go@v4 with: go-version: "1.21" + check-latest: true cache: true + - uses: actions/cache@v3 + with: + path: | + ~/.cache/go-build + ~/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-go- + - name: Import GPG key id: import_gpg uses: crazy-max/ghaction-import-gpg@v5 @@ -73,23 +69,29 @@ jobs: git_commit_gpgsign: true git_tag_gpgsign: true - - name: Verify Go installation - run: | - go version || { - echo "::error::Go installation failed" - exit 1 - } - - name: Run GoReleaser uses: goreleaser/goreleaser-action@v4 with: distribution: goreleaser version: latest - args: release --clean + args: release --clean --timeout 60m env: GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} VERSION: ${{ inputs.version }} - continue-on-error: false + + - name: Notify on failure + if: failure() + run: | + echo "::error::Release process failed" + + - name: Verify Release + if: success() + run: | + echo "Verifying release artifacts..." + if [ ! -d "dist" ]; then + echo "::error::Release artifacts not found" + exit 1 + fi if: github.event_name == 'workflow_call' || startsWith(github.ref, 'refs/tags/v')