release #68
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Release" | |
| on: | |
| workflow_dispatch: {} | |
| repository_dispatch: | |
| types: | |
| - release | |
| permissions: | |
| contents: write | |
| jobs: | |
| release-version: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release_version: ${{ steps.version.outputs.RELEASE_VERSION }} | |
| steps: | |
| - name: Set Release Version | |
| id: version | |
| run: | | |
| echo "RELEASE_VERSION=$(date +v%Y.%-m.%-d)" >> $GITHUB_OUTPUT | |
| - name: Ensure Release Does Not Exist | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh release delete $RELEASE_VERSION || true | |
| release-brew: | |
| runs-on: macos-latest | |
| needs: release-version | |
| env: | |
| RELEASE_VERSION: ${{ needs.release-version.outputs.release_version }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'true' | |
| token: ${{ secrets.ORG_GITHUB_TOKEN }} | |
| - name: Fetch All Tags | |
| run: git fetch --force --tags | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: src/go.mod | |
| - name: Cache Go modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Import GPG Key | |
| id: import_gpg | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| with: | |
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
| - name: Install Task | |
| uses: arduino/setup-task@v2 | |
| with: | |
| version: 3.x | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Verify release has latest OpsLevel dependencies | |
| run: task has-latest-opslevel-dependencies | |
| - name: Ensure Changelog | |
| run: | | |
| git config user.name "OpsLevel Bots" | |
| git config user.email "bots@opslevel.com" | |
| if test -f ./.changes/$RELEASE_VERSION.md | |
| then | |
| echo "Skip Changie..." | |
| else | |
| go install github.com/miniscruff/changie@latest | |
| changie batch $RELEASE_VERSION | |
| changie merge | |
| git add . | |
| git commit -m "Cut Release '$RELEASE_VERSION'" | |
| git push origin HEAD | |
| fi | |
| git tag -f $RELEASE_VERSION -m "Cut Release '$RELEASE_VERSION'" | |
| git push -f origin refs/tags/$RELEASE_VERSION | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@v5.0.0 | |
| id: goreleaser | |
| with: | |
| args: release --clean --release-notes=../.changes/${{ needs.release-version.outputs.release_version }}.md | |
| workdir: ./src | |
| env: | |
| GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ORG_GITHUB_TOKEN: ${{ secrets.ORG_GITHUB_TOKEN }} | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # repository: OpsLevel/homebrew-tap | |
| # token: ${{ secrets.ORG_GITHUB_TOKEN }} | |
| # path: homebrew-tap | |
| # - name: Update homebrew | |
| # working-directory: homebrew-tap | |
| # run: | | |
| # cd Formula | |
| # awk -v ver="${RELEASE_VERSION:1}" '/version/ {sub(/[0-9]+\.[0-9]+\.[0-9]+/, ver)} {print}' kubectl.rb > tmp.txt | |
| # awk -v full_sha="${GITHUB_SHA}" \ | |
| # -v short_sha="${GITHUB_SHA::12}" \ | |
| # '/commit/ {sub(/[0-9a-f]{12}/, short_sha)} /revision/ {sub(/[0-9a-f]{10}+/, full_sha)} {print}' \ | |
| # tmp.txt > kubectl.rb | |
| # rm tmp.txt | |
| # git config user.name "OpsLevel Bots" | |
| # git config user.email "bots@opslevel.com" | |
| # git add . | |
| # git commit -m "Brew formula update for kubectl-opslevel version $RELEASE_VERSION" | |
| # git push -f origin HEAD | |
| # - name: Update homebrew | |
| # env: | |
| # HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.ORG_GITHUB_TOKEN }} | |
| # run: > | |
| # brew tap opslevel/tap && | |
| # brew bump-formula-pr | |
| # --verbose | |
| # --no-audit | |
| # --no-browse | |
| # --write-only | |
| # --message="Brew formula update for kubectl-opslevel version $RELEASE_VERSION" | |
| # --version="$RELEASE_VERSION" | |
| # --revision="${GITHUB_SHA}" | |
| # opslevel/tap/kubectl | |
| release-docker: | |
| runs-on: ubuntu-latest | |
| needs: release-version | |
| env: | |
| RELEASE_VERSION: ${{ needs.release-version.outputs.RELEASE_VERSION }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.ORG_GITHUB_TOKEN }} | |
| - name: Fetch All Tags | |
| run: git fetch --force --tags | |
| - name: Login to Public ECR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.ECR_PUBLIC_REGISTRY }} | |
| username: ${{ secrets.ECR_PUBLIC_AWS_ACCESS_KEY_ID }} | |
| password: ${{ secrets.ECR_PUBLIC_AWS_SECRET_ACCESS_KEY }} | |
| env: | |
| AWS_REGION: us-east-1 | |
| - name: Docker Build And Push | |
| env: | |
| IMAGE: "public.ecr.aws/opslevel/kubectl-opslevel" | |
| run: | | |
| cd ./src | |
| docker build \ | |
| -t "${IMAGE}:latest" \ | |
| -t "${IMAGE}:${RELEASE_VERSION}" \ | |
| --build-arg="VERSION=${RELEASE_VERSION}" \ | |
| --build-arg="COMMIT=${GITHUB_SHA::7}" . | |
| docker push "${IMAGE}:latest" | |
| docker push "${IMAGE}:${RELEASE_VERSION}" | |
| report-release: | |
| needs: [release-brew, release-docker] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Report Release To OpsLevel | |
| uses: opslevel/report-deploy-github-action@v0.7.0 | |
| with: | |
| integration_url: ${{ secrets.DEPLOY_INTEGRATION_URL }} | |
| service: "opslevel_kubernetes_sync" |