smtprelay/.github/workflows/release.yaml

name: Release Go Binaries

on:
  release:
    types: [created]

# Declare default permissions as read only.
permissions: read-all

jobs:
  releases-matrix:
    name: Release Go Binary
    runs-on: ubuntu-latest
    strategy:
      matrix:
        goos: [freebsd, linux, windows]
        goarch: [amd64, arm64]
    permissions:
        contents: write
        packages: write

    steps:
    - name: Harden Runner
      uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
      with:
        egress-policy: audit

    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
    
    - name: Set APP_VERSION env
      run: echo APP_VERSION=$(echo ${GITHUB_REF} | rev | cut -d'/' -f 1 | rev ) >> ${GITHUB_ENV}
    - name: Set BUILD_TIME env
      run: echo BUILD_TIME=$(date) >> ${GITHUB_ENV}
      
    - uses: wangyoucao577/go-release-action@ec4e3151b3eccfa3527868ba70f60402265fef06 # v1.54
      with:
        github_token: ${{ secrets.GITHUB_TOKEN }}
        goos: ${{ matrix.goos }}
        goarch: ${{ matrix.goarch }}
        extra_files: LICENSE README.md smtprelay.ini
        ldflags: -s -w -X "main.appVersion=${{ env.APP_VERSION }}" -X "main.buildTime=${{ env.BUILD_TIME }}"