Whenever a tag is pushed to this repo, tar up the enclaver binaries created in the release workflow and push them to a new Draft Release.
I went back-and-forth on whether we should trigger a workflow based on a tag, or create a tag in a workflow. My impression is that (un-intuitively) GH supports slightly more powerful permissions on tags vs releases, and this seems slightly more usable vs manually trigger a workflow.
There is a lot of code duplication in this workflow, but its pretty well contained and simpler than trying to do this with a matrixed job, since we need to collect all the results into a single Release.
Whenever a tag is pushed to this repo, tar up the
enclaverbinaries created in thereleaseworkflow and push them to a new Draft Release.I went back-and-forth on whether we should trigger a workflow based on a tag, or create a tag in a workflow. My impression is that (un-intuitively) GH supports slightly more powerful permissions on tags vs releases, and this seems slightly more usable vs manually trigger a workflow.
There is a lot of code duplication in this workflow, but its pretty well contained and simpler than trying to do this with a matrixed job, since we need to collect all the results into a single Release.