# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.

# This workflow lets you compile your Go project using a SLSA3 compliant builder.
# This workflow will generate a so-called "provenance" file describing the steps
# that were performed to generate the final binary.
# The project is an initiative of the OpenSSF (openssf.org) and is developed at
# https://github.com/slsa-framework/slsa-github-generator.
# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier.
# For more information about SLSA and how it improves the supply-chain, visit slsa.dev.

name: SLSA Go releaser
on:
  workflow_dispatch:
  release:
    types: [created]

permissions: read-all

jobs:
  # ========================================================================================================================================
  #   Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project.
  #    See format in https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#configuration-file
  #=========================================================================================================================================
  build:
    permissions:
      id-token: write # To sign.
      contents: write # To upload release assets.
      actions: read  # To read workflow path.
    uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@v1.4.0
    with:
      go-version: 1.19
      # =============================================================================================================
      #   Optional: For more options, see https://github.com/slsa-framework/slsa-github-generator#golang-projects
      # =============================================================================================================

  publish:
    needs: build
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Install Go
        uses: actions/setup-go@v2
        with:
          go-version: 1.19

      - name: Install GoReleaser
        run: |
          curl -sfL https://install.goreleaser.com/install-goreleaser.sh | sh

      - name: Release
        run: |
          goreleaser --config .goreleaser.yml