smtprelay/.github/workflows/release.yaml

name: Release Go Binaries

on:
  release:
    types: [created]

# Declare default permissions as read only.
permissions: read-all

jobs:
  releases-matrix:
    name: Release Go Binary
    runs-on: ubuntu-latest
    strategy:
      matrix:
        goos: [freebsd, linux, windows]
        goarch: [amd64, arm64]
    permissions:
        contents: write
        packages: write

    steps:
    - name: Harden Runner
      uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
      with:
        egress-policy: audit

    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
    
    - name: Set APP_VERSION env
      run: echo APP_VERSION=$(echo ${GITHUB_REF} | rev | cut -d'/' -f 1 | rev ) >> ${GITHUB_ENV}
    - name: Set BUILD_TIME env
      run: echo BUILD_TIME=$(date) >> ${GITHUB_ENV}
      
    - uses: wangyoucao577/go-release-action@481a2c1a0f1be199722e3e9b74d7199acafc30a8 # v1.53
      with:
        github_token: ${{ secrets.GITHUB_TOKEN }}
        goos: ${{ matrix.goos }}
        goarch: ${{ matrix.goarch }}
        goversion: "1.23"
        extra_files: LICENSE README.md smtprelay.ini
        ldflags: -s -w -X "main.appVersion=${{ env.APP_VERSION }}" -X "main.buildTime=${{ env.BUILD_TIME }}"