[v2.12]Replace GoReleaser action

.github/workflows/release.yaml

@@ -1,10 +1,8 @@
 name: Release
-
 on:
   push:
     tags:
       - 'v*'
-
 # GitHub settings / example values:
 #
 # org level vars:
@@ -14,7 +12,6 @@ on:
 # repo level secrets:
 #   - PUBLIC_REGISTRY_USERNAME
 #   - PUBLIC_REGISTRY_PASSWORD
-
 jobs:
   publish-images:
     permissions:
@@ -36,7 +33,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout code
-      uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         fetch-depth: 0
         ref: ${{ github.ref_name}}
@@ -50,7 +47,7 @@ jobs:
           secret/data/github/repo/${{ github.repository }}/rancher-prime-registry/credentials username | PRIME_REGISTRY_USERNAME ;
           secret/data/github/repo/${{ github.repository }}/rancher-prime-registry/credentials password | PRIME_REGISTRY_PASSWORD
     - name: Publish images
-      uses: rancher/ecm-distro-tools/actions/publish-image@575bb831c67edd950bfedb59d41dd127bd0005d6 # v0.65.2
+      uses: rancher/ecm-distro-tools/actions/publish-image@dcb1a0f50ca91f9f9a1f34fa335a9182686234d5 # v0.66.3
       with:
         image: eks-operator
         tag: ${{ github.ref_name }}${{ matrix.tag-suffix }}
@@ -67,78 +64,118 @@ jobs:
         push-to-prime: true
     - name: Cleanup checksum files # in order to avoid goreleaser dirty state error, remove once rancher/ecm-distro-tools/actions/publish-image@main gets updated
       run: rm -f slsactl_*_checksums.txt*
-
   release:
     permissions:
       contents: write # required for creating GH release
     runs-on: ubuntu-latest
     needs: publish-images
     steps:
-    - name: Checkout code
-      uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
-      with:
-        fetch-depth: 0
-        ref: ${{ github.ref_name}}
-    - name: Create release
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for creating GH release
-        GORELEASER_CURRENT_TAG: ${{ github.ref_name }} # specify the tag to be released
-      id: goreleaser
-      uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6
-      with:
-        distribution: goreleaser
-        version: "~> v2"
-        args: release --clean --verbose
-    - name: Upload charts to release
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for updating GH release
-        REPO: rancher # First name component for Docker repository to reference in `values.yaml` of the Helm chart release, this is expected to be `rancher`, image name is appended to this value
-        TAG: ${{ github.ref_name }} # image tag to be referenced in `values.yaml` of the Helm chart release
-      run: |
-        version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version')
-        echo "Publishing helm charts (version: $version)"
+      - name: Checkout code
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          fetch-depth: 0
+          ref: ${{ github.ref_name}}
+      - name: Setup goreleaser
+        shell: bash
+        run: |-
+          OS="Linux"
+          if [[ ${RUNNER_OS} != "Linux" ]]; then
+          	echo "Unsupported OS: ${RUNNER_OS}"
+          	exit 1
+          fi
 
-        # Both version and appVersion are set to the same value in the Chart.yaml (excluding the 'v' prefix)
-        CHART_VERSION=$version GIT_TAG=$version make charts
+          # renovate-local: goreleaser-x86_64
+          GORELEASER_VERSION="v2.15.2"
+          # renovate-local: goreleaser-x86_64=v2.15.2
+          GORELEASER_CHECKSUM_x86_64="0ebdbf0353aba566b969dde746cc4e4806f96c27aa2f3971b229a9df7611fedc"
 
-        for f in $(find bin/ -name '*.tgz'); do
-          echo "Uploading $f to GitHub release $TAG"
-          gh release upload $TAG $f
-        done
-        echo "Charts successfully uploaded to GitHub release $TAG"
-    - name: Add charts to branch
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      run: |
-        version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version')
-        branch_version=v$(echo "$version" | cut -d'.' -f1,2)
-        charts_branch=charts/$branch_version
-        if [ ! -e ~/.gitconfig ]; then
-          git config --global user.name "eks-operator-bot"
-          git config --global user.email eks-operator@suse.de
-        fi
-        echo "Publishing helm chart in the branch $charts_branch"
-        if ! git ls-remote --exit-code --heads origin "$charts_branch"; then
-          git checkout --orphan "$charts_branch"
-          git rm -rf .
-          echo "# EKS Operator Helm Charts for $branch_version versions" > README.md
-          echo "The documentation is centralized in a unique place, checkout https://github.com/rancher/eks-operator." >> README.md
-          git checkout origin/main -- License .gitignore
-          git add README.md License .gitignore
-          git commit -m "Initial commit for $charts_branch"
-        else
-          git checkout .
-          git checkout "$charts_branch"
-        fi
-        mkdir -p charts
-        for f in $(find bin/ -name '*.tgz'); do
-          tar -xf $f -C charts/
-        done
-        git add charts/**/*
-        git commit -m "Update charts to version $version"
-        git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${{ github.repository }}.git
-        git push origin "$charts_branch"
+          ARCH=$(uname -m)
+          CHECKSUM="${GORELEASER_CHECKSUM_x86_64}"
+          if [[ "${ARCH}" != "x86_64" ]]; then
+          	echo "Unsupported architecture: ${ARCH}"
+          	exit 1
+          fi
 
+          FILE="goreleaser_${OS}_${ARCH}.tar.gz"
+
+          echo "Installing ${FILE}"
+          curl -LO "https://github.com/goreleaser/goreleaser/releases/download/${GORELEASER_VERSION}/${FILE}"
+          echo "${CHECKSUM} ${FILE}" | sha256sum -c
+          tar -xf "${FILE}" goreleaser
+
+          if sudo -n true &> /dev/null; then
+          	sudo install -m 755 goreleaser /usr/local/bin/goreleaser
+          else
+          	install -m 755 goreleaser /usr/local/bin/goreleaser
+          fi
+          rm -f "${FILE}" goreleaser
+      - name: Create release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for creating GH release
+          GORELEASER_CURRENT_TAG: ${{ github.ref_name }} # specify the tag to be released
+        id: goreleaser
+        shell: bash
+        run: |-
+          goreleaser release --clean --verbose
+          if [[ ! -f dist/metadata.json ]] || [[ ! -s dist/metadata.json ]]; then
+            echo "Missing required file: dist/metadata.json"
+            exit 1
+          fi
+          if [[ ! -f dist/artifacts.json ]] || [[ ! -s dist/artifacts.json ]]; then
+            echo "Missing required file: dist/artifacts.json"
+            exit 1
+          fi
+          echo "metadata=$(tr -d '\n\r' < dist/metadata.json)" >> "${GITHUB_OUTPUT}"
+          echo "artifacts=$(tr -d '\n\r' < dist/artifacts.json)" >> "${GITHUB_OUTPUT}"
+      - name: Upload charts to release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for updating GH release
+          REPO: rancher # First name component for Docker repository to reference in `values.yaml` of the Helm chart release, this is expected to be `rancher`, image name is appended to this value
+          TAG: ${{ github.ref_name }} # image tag to be referenced in `values.yaml` of the Helm chart release
+        run: |
+          version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version')
+          echo "Publishing helm charts (version: $version)"
+
+          # Both version and appVersion are set to the same value in the Chart.yaml (excluding the 'v' prefix)
+          CHART_VERSION=$version GIT_TAG=$version make charts
+
+          for f in $(find bin/ -name '*.tgz'); do
+            echo "Uploading $f to GitHub release $TAG"
+            gh release upload $TAG $f
+          done
+          echo "Charts successfully uploaded to GitHub release $TAG"
+      - name: Add charts to branch
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version')
+          branch_version=v$(echo "$version" | cut -d'.' -f1,2)
+          charts_branch=charts/$branch_version
+          if [ ! -e ~/.gitconfig ]; then
+            git config --global user.name "eks-operator-bot"
+            git config --global user.email eks-operator@suse.de
+          fi
+          echo "Publishing helm chart in the branch $charts_branch"
+          if ! git ls-remote --exit-code --heads origin "$charts_branch"; then
+            git checkout --orphan "$charts_branch"
+            git rm -rf .
+            echo "# EKS Operator Helm Charts for $branch_version versions" > README.md
+            echo "The documentation is centralized in a unique place, checkout https://github.com/rancher/eks-operator." >> README.md
+            git checkout origin/main -- License .gitignore
+            git add README.md License .gitignore
+            git commit -m "Initial commit for $charts_branch"
+          else
+            git checkout .
+            git checkout "$charts_branch"
+          fi
+          mkdir -p charts
+          for f in $(find bin/ -name '*.tgz'); do
+            tar -xf $f -C charts/
+          done
+          git add charts/**/*
+          git commit -m "Update charts to version $version"
+          git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${{ github.repository }}.git
+          git push origin "$charts_branch"
   dispatch-chart-release:
     permissions:
       contents: read