chore(runtime): Update release-please workflow with clearer permissio… #6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test and Release | |
| # This workflow runs on every push to the main branch. | |
| # It always runs tests. A release is only triggered if the commit message | |
| # contains the string "[release]". | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| actions: read # 添加此行 | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version: '^1.23.0' | |
| test: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read # 明确赋予读取权限 | |
| actions: read # 明确赋予读取 Actions 的权限 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version: '^1.23.0' # The Go version to download (if necessary) and use. | |
| - name: Install protoc # 手动安装 protoc | |
| run: | | |
| PROTOBUF_VERSION="25.3" # 您可以根据需要指定 protoc 版本 | |
| PROTOC_ZIP="protoc-${PROTOBUF_VERSION}-linux-x86_64.zip" | |
| curl -LO "https://github.com/protocolbuffers/protobuf/releases/download/v${PROTOBUF_VERSION}/${PROTOC_ZIP}" | |
| sudo unzip -o ${PROTOC_ZIP} -d /usr/local bin/protoc | |
| sudo unzip -o ${PROTOC_ZIP} -d /usr/local include/* | |
| rm -f ${PROTOC_ZIP} | |
| - name: Install Buf CLI # 使用 go install 安装 Buf CLI | |
| run: go install github.com/bufbuild/buf/cmd/buf@latest | |
| - name: Run tests | |
| run: make test | |
| release: | |
| # The release job depends on the test job succeeding. | |
| needs: [test] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version: '^1.23.0' | |
| - name: Create Release and Changelog | |
| id: release | |
| uses: googleapis/release-please-action@v4 | |
| with: | |
| config-file: release-please-config.json | |
| manifest-file: .github/.release-please-manifest.json # 已更新路径 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| # The Buf CLI is already installed by bufbuild/buf-action@v1 in the test job. | |
| # If you need it in the release job, you might need to install it again or pass it between jobs. | |
| # For now, assuming it's only needed in the test job or will be re-installed if needed here. | |
| - name: Push to Buf Schema Registry | |
| if: ${{ steps.release.outputs.release_created }} | |
| env: | |
| BUF_TOKEN: ${{ secrets.BUF_TOKEN }} | |
| run: buf push --tag ${{ steps.release.outputs.tag_name }} | |
| - name: Notify on new release | |
| if: ${{ steps.release.outputs.release_created }} | |
| run: | | |
| echo "New release created: ${{ steps.release.outputs.tag_name }}" | |
| echo "Release notes: ${{ steps.release.outputs.release_notes }}" |