5371c7f486
I am not 100% sure I was able to fix all the cases in which we need higher permissions than the strict default. At least, I tried. It may be reasonable to make an interim release to check whether I successfully fixed all the cases. Ref issue: https://github.com/ooni/probe/issues/2154
31 lines
958 B
YAML
31 lines
958 B
YAML
# Builds and publishes oohelperd for Linux
|
|
name: oohelperd
|
|
on:
|
|
push:
|
|
branches:
|
|
- "release/**"
|
|
tags:
|
|
- "v*"
|
|
|
|
jobs:
|
|
build_and_publish:
|
|
runs-on: "ubuntu-20.04"
|
|
permissions: # See https://github.com/ooni/probe/issues/2154
|
|
contents: write
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- uses: actions/setup-go@v1
|
|
with:
|
|
go-version: "1.18.3"
|
|
|
|
- name: build oohelperd binary
|
|
run: GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o ./CLI/oohelperd-linux-amd64 -v -tags netgo -ldflags="-s -w -extldflags -static" ./internal/cmd/oohelperd
|
|
|
|
- run: |
|
|
tag=$(echo $GITHUB_REF | sed 's|refs/tags/||g')
|
|
gh release create -p $tag --target $GITHUB_SHA || true
|
|
gh release upload $tag --clobber ./CLI/oohelperd-linux-amd64
|
|
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|