Add documentation for Go release workflows

per1234 · per1234 · commit a2053c992044 · 2021-06-18T02:45:10.000-07:00
diff --git a/workflow-templates/publish-go-nightly-task.md b/workflow-templates/publish-go-nightly-task.md
@@ -0,0 +1,69 @@
+# "Publish Nightly Build" workflow (Go, Task)
+
+Workflow file: [publish-go-nightly-task.yml](publish-go-nightly-task.yml)
+
+Publish nightly builds of a [Go](https://golang.org/) project.
+
+This is the version of the workflow for projects using the [Task](https://taskfile.dev/#/) task runner tool.
+
+## Assets
+
+See [the "Release" workflow (Go, Task) documentation](release-go-task.md#assets)
+
+## Configuration
+
+See [the "Release" workflow (Go, Task) documentation](release-go-task.md#configuration)
+
+In addition, the following [repository secret](https://docs.github.com/en/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository) must be defined:
+
+- `DD_API_KEY` - [Datadog](https://www.datadoghq.com/) API key.
+
+## Readme badge
+
+Markdown badge:
+
+```markdown
+[![Publish Nightly Build status](https://github.com/REPO_OWNER/REPO_NAME/actions/workflows/publish-go-nightly-task.yml/badge.svg)](https://github.com/REPO_OWNER/REPO_NAME/actions/workflows/publish-go-nightly-task.yml)
+```
+
+Replace the `REPO_OWNER` and `REPO_NAME` placeholders in the URLs with the final repository owner and name ([example](https://raw.githubusercontent.com/arduino-libraries/ArduinoIoTCloud/master/README.md)).
+
+---
+
+Asciidoc badge:
+
+```adoc
+image:https://github.com/{repository-owner}/{repository-name}/actions/workflows/publish-go-nightly-task.yml/badge.svg["Publish Nightly Build status", link="https://github.com/{repository-owner}/{repository-name}/actions/workflows/publish-go-nightly-task.yml"]
+```
+
+Define the `{repository-owner}` and `{repository-name}` attributes and use them throughout the readme ([example](https://raw.githubusercontent.com/arduino-libraries/WiFiNINA/master/README.adoc)).
+
+## Commit message
+
+```
+Add CI workflow to publish nightly builds
+
+On a daily schedule:
+
+- Build the project for all supported platforms.
+- Sign and notarize the macOS build.
+- Upload the builds to Arduino's downloads server.
+
+This will enable everyone to participate to the project's development via beta testing.
+```
+
+## PR message
+
+```markdown
+On a daily schedule:
+
+- Build the project for all supported platforms.
+- Use [gon](https://github.com/mitchellh/gon) to sign and notarize the macOS build.
+- Upload the builds to Arduino's downloads server.
+
+This will enable everyone to participate to the project's development via beta testing.
+```
+
+## Related
+
+- ["Release" workflow (Go, Task)](release-go-task.md)
diff --git a/workflow-templates/release-go-task.md b/workflow-templates/release-go-task.md
@@ -0,0 +1,83 @@
+# "Release" workflow (Go, Task)
+
+Workflow file: [release-go-task.yml](release-go-task.yml)
+
+Make a production release of the [Go](https://golang.org/) project.
+
+This is the version of the workflow for projects using the [Task](https://taskfile.dev/#/) task runner tool.
+
+## Assets
+
+- [`Taskfile.yml`](assets/release-go-task/Taskfile.yml] - [variables](https://taskfile.dev/#/usage?id=variables) providing project-specific data to the build system.
+  - Install to: repository root (or merge into the existing `Taskfile.yml`)
+- [`DistTasks.yml`](assets/release-go-task/DistTasks.yml] - general purpose tasks for making production builds of Go projects.
+  - Install to: repository root
+- [`gon.config.hcl`](assets/shared/gon.config.hcl] - [gon](https://github.com/mitchellh/gon) configuration file for macOS signing and notarization.
+  - Install to: repository root
+
+## Configuration
+
+The following [repository secrets](https://docs.github.com/en/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository) must be defined:
+
+- `INSTALLER_CERT_MAC_P12` - the [Apple Developer ID](https://developer.apple.com/support/developer-id/) signing certificate, exported in [PKCS #12 format](https://en.wikipedia.org/wiki/PKCS_12) and then encoded into base64 as described [here](https://www.kencochrane.com/2020/08/01/build-and-sign-golang-binaries-for-macos-with-github-actions/#exporting-the-developer-certificate).
+- `INSTALLER_CERT_MAC_PASSWORD` - the password used to encrypt the Apple Developer ID signing certificate during the export process.
+- `AC_USERNAME` - the Apple ID username associated with the certificate.
+  - **Note**: not likely to be a problem when using Arduino's standard credentials, but in the event the username is a member of multiple Apple Developer Program teams, you will also need to define the App Store Connect provider via [the `AC_PROVIDER` environment variable](https://github.com/mitchellh/gon#configuration-file). You can use the ID of the certificate identity (e.g., `7KT7ZWMCJT`) for this.
+- `AC_PASSWORD` - [App-specific password](https://support.apple.com/en-us/HT204397) created for the Apple ID.
+- `DOWNLOADS_BUCKET` - [AWS bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingBucket.html) on the downloads server.
+- `AWS_ACCESS_KEY_ID` - [AWS access key ID](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys) for the downloads server.
+- `AWS_SECRET_ACCESS_KEY` - [AWS secret access key](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys) for the downloads server.
+
+## Readme badge
+
+Markdown badge:
+
+```markdown
+[![Release status](https://github.com/REPO_OWNER/REPO_NAME/actions/workflows/release-go-task.yml/badge.svg)](https://github.com/REPO_OWNER/REPO_NAME/actions/workflows/release-go-task.yml)
+```
+
+Replace the `REPO_OWNER` and `REPO_NAME` placeholders in the URLs with the final repository owner and name ([example](https://raw.githubusercontent.com/arduino-libraries/ArduinoIoTCloud/master/README.md)).
+
+---
+
+Asciidoc badge:
+
+```adoc
+image:https://github.com/{repository-owner}/{repository-name}/actions/workflows/release-go-task.yml/badge.svg["Release status", link="https://github.com/{repository-owner}/{repository-name}/actions/workflows/release-go-task.yml"]
+```
+
+Define the `{repository-owner}` and `{repository-name}` attributes and use them throughout the readme ([example](https://raw.githubusercontent.com/arduino-libraries/WiFiNINA/master/README.adoc)).
+
+## Commit message
+
+```
+Add CI workflow to publish releases
+
+On every push of a tag named with a version format:
+
+- Build the project for all supported platforms.
+- Sign and notarize the macOS build.
+- Create a GitHub release.
+  - Builds and checksums are attached as release assets
+  - A changelog generated from the commit history is added to the release description
+  - If the tag has a pre-release version suffix, the GitHub release will be marked as a pre-release.
+- Upload the builds to Arduino's downloads server.
+```
+
+## PR message
+
+```markdown
+On every push of a tag named with a version format:
+
+- Build the project for all supported platforms.
+- Use [gon](https://github.com/mitchellh/gon) to sign and notarize the macOS build.
+- Create a [GitHub release](https://docs.github.com/en/github/administering-a-repository/releasing-projects-on-github/about-releases).
+  - Builds and checksums are attached as release assets
+  - A changelog generated by [`arduino/create-changelog](https://github.com/arduino/create-changelog) from the commit history is added to the release description
+  - If the tag has [a pre-release version suffix](https://semver.org/), the GitHub release will be marked as a pre-release.
+- Upload the builds to Arduino's downloads server.
+```
+
+## Related
+
+- ["Publish Nightly Build" workflow (Go, Task)](publish-go-nightly-task.md)
