From 494da3d668b3fc79dc6972e9a37c34650ba24eb6 Mon Sep 17 00:00:00 2001
From: max furman <mx.furman@gmail.com>
Date: Sat, 11 Sep 2021 13:05:17 -0700
Subject: [PATCH] [action] goreleaser header packages

---
 .github/workflows/release.yml | 15 +++++++++++++++
 .goreleaser.yml               | 34 ++++++++++++++++++++++++++--------
 Makefile                      |  2 +-
 3 files changed, 42 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index e2e0176c..6da2aa27 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -62,8 +62,15 @@ jobs:
     needs: test
     runs-on: ubuntu-20.04
     outputs:
+      debversion: ${{ steps.extract-tag.outputs.DEB_VERSION }}
       is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }}
     steps:
+      -
+        name: Extract Tag Names
+        id: extract-tag
+        run: |
+          DEB_VERSION=$(echo ${GITHUB_REF#refs/tags/v} | sed 's/-/./')
+          echo "::set-output name=DEB_VERSION::${DEB_VERSION}"
       -
         name: Is Pre-release
         id: is_prerelease
@@ -122,6 +129,12 @@ jobs:
         name: Write cosign key to disk
         id: write_key
         run: echo "${{ secrets.COSIGN_KEY }}" > "/tmp/cosign.key"
+      -
+        name: Get Release Date
+        id: release_date
+        run: |
+          RELEASE_DATE=$(date +"%y-%m-%d")
+          echo "::set-output name=RELEASE_DATE::${RELEASE_DATE}"
       -
         name: Run GoReleaser
         uses: goreleaser/goreleaser-action@5a54d7e660bda43b405e8463261b3d25631ffe86 # v2.7.0
@@ -131,6 +144,8 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.PAT }}
           COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
+          DEB_VERSION: ${{ needs.create_release.outputs.debversion }}
+          RELEASE_DATE: ${{ steps.release_date.outputs.RELEASE_DATE }}
 
   build_upload_docker:
     name: Build & Upload Docker Images
diff --git a/.goreleaser.yml b/.goreleaser.yml
index 78c892f0..b61bde61 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -154,26 +154,45 @@ release:
 
   # You can change the name of the release.
   # Default is `{{.Tag}}`
-  #name_template: "{{.ProjectName}}-v{{.Version}} {{.Env.USER}}"
+  name_template: "Step CA {{ .Tag }} ({{ .Env.RELEASE_DATE }})"
 
   # Header template for the release body.
   # Defaults to empty.
   header: |
-    Welcome to this new release!
+    ## Official Release Artifacts
+
+    #### Linux
+
+    - 📦 [step-ca_linux_{{ .Version }}_amd64.tar.gz](https://dl.step.sm/cli/{{ .Tag }}/step-ca_linux_{{ .Version }}_amd64.tar.gz)
+    - 📦 [step-ca_{{ .Env.DEB_VERSION }}_amd64.deb](https://dl.step.sm/cli/{{ .Tag }}/step-ca_{{ .Env.DEB_VERSION }}_amd64.deb)
+
+    #### OSX Darwin
+
+    - 📦 [step-ca_darwin_{{ .Version }}_amd64.tar.gz](https://dl.step.sm/cli/{{ .Tag }}/step-ca_darwin_{{ .Version }}_amd64.tar.gz)
+    - 📦 [step-ca_darwin_{{ .Version }}_arm64.tar.gz](https://dl.step.sm/cli/{{ .Tag }}/step-ca_darwin_{{ .Version }}_arm64.tar.gz)
+
+    #### Windows
+
+    - 📦 [step-ca_windows_{{ .Version }}_arm64.zip](https://dl.step.sm/cli/{{ .Tag }}/step-ca_windows_{{ .Version }}_amd64.zip)
+
+    For more builds across platforms and architectures see the `Assets` section below.
+
+    Don't see the artifact you need? Open an issue [here](https://github.com/smallstep/certificates/issues/new/choose).
 
     ## Signatures and Checksums
 
     `step-ca` uses [sigstore/cosign](https://github.com/sigstore/cosign) for signing and verifying release artifacts.
-    Here is an example of how to use `cosign` to verify a release artifact:
+
+    Below is an example using `cosign` to verify a release artifact:
 
     ```
     cosign verify-blob \
       -key https://raw.githubusercontent.com/smallstep/certificates/master/cosign.pub \
-      -signature ~/Downloads/step-ca_darwin_0.17.2_amd64.tar.gz.sig
-      ~/Downloads/step-ca_darwin_0.17.2_amd64.tar.gz
+      -signature ~/Downloads/step-ca_darwin_{{ .Version }_amd64.tar.gz.sig
+      ~/Downloads/step-ca_darwin_{{ .Version }_amd64.tar.gz
     ```
 
-    We use the `checksums.txt` file to store checksums for every artifact in the release.
+    The `checksums.txt` file (in the `Assets` section below) contains a checksum for every artifact in the release.
 
   # Footer template for the release body.
   # Defaults to empty.
@@ -182,8 +201,7 @@ release:
 
     Those were the changes on {{ .Tag }}!
 
-    Come join us on [Discord](https://discord.gg/X2RKGwEbV9) to ask questions, chat about PKI,
-    or get a sneak peak at the freshest PKI memes.
+    Come join us on [Discord](https://discord.gg/X2RKGwEbV9) to ask questions, chat about PKI, or get a sneak peak at the freshest PKI memes.
 
   # You can disable this pipe in order to not upload any artifacts.
   # Defaults to false.
diff --git a/Makefile b/Makefile
index 3435f132..108efa1d 100644
--- a/Makefile
+++ b/Makefile
@@ -68,7 +68,7 @@ PUSHTYPE := branch
 endif
 
 VERSION := $(shell echo $(VERSION) | sed 's/^v//')
-DEB_VERSION := $(shell echo $(VERSION) | sed 's/-/~/g')
+DEB_VERSION := $(shell echo $(VERSION) | sed 's/-/./g')
 
 ifdef V
 $(info    TRAVIS_TAG is $(TRAVIS_TAG))