dnscrypt-proxy/.github/workflows/releases.yml

on:
  push:
    paths:
      - "**.go"
      - "go.*"
      - "**/testdata/**"
      - ".ci/**"
      - ".git*"
      - ".github/workflows/releases.yml"
  pull_request:
    paths:
      - "**.go"
      - "go.*"
      - "**/testdata/**"
      - ".ci/**"
      - ".git*"
      - ".github/workflows/releases.yml"

name: GitHub CI

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - name: Get the version
        id: get_version
        run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}

      - name: Set up Go
        uses: actions/setup-go@v3
        with:
          go-version: 1
        id: go

      - name: Check out code into the Go module directory
        uses: actions/checkout@v3

      - name: Test suite
        run: |
          go version
          go mod vendor
          cd .ci
          ./ci-test.sh
          cd -          

      - name: Build all
        if: startsWith(github.ref, 'refs/tags/')
        run: |
          .ci/ci-build.sh "${{ steps.get_version.outputs.VERSION }}"          

      - name: Install minisign and sign
        if: startsWith(github.ref, 'refs/tags/')
        run: |
          sudo apt-get -y install libsodium-dev
          git clone --depth 1 https://github.com/jedisct1/minisign.git
          cd minisign/src
          mkdir -p /tmp/bin
          cc -O2 -o /tmp/bin/minisign -D_GNU_SOURCE *.c -lsodium
          cd -
          /tmp/bin/minisign -v
          echo '#' > /tmp/minisign.key
          echo "${{ secrets.MINISIGN_SK }}" >> /tmp/minisign.key
          cd dnscrypt-proxy
          echo | /tmp/bin/minisign -s /tmp/minisign.key -Sm *.tar.gz *.zip
          ls -l dnscrypt-proxy*          

      - name: Create release
        id: create_release
        uses: actions/create-release@v1
        if: startsWith(github.ref, 'refs/tags/')
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref }}
          release_name: Release ${{ github.ref }}
          draft: false
          prerelease: false

      - name: Upload release assets
        uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
        if: startsWith(github.ref, 'refs/tags/')
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          files: |
            dnscrypt-proxy/*.zip
            dnscrypt-proxy/*.tar.gz
            dnscrypt-proxy/*.minisig