-
Notifications
You must be signed in to change notification settings - Fork 10
141 lines (135 loc) · 4.61 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: "Release"
on:
workflow_dispatch: {}
permissions:
contents: write
jobs:
release-version:
runs-on: ubuntu-latest
outputs:
release_version: ${{ steps.version.outputs.RELEASE_VERSION }}
steps:
- name: Set Release Version
id: version
run: |
echo "RELEASE_VERSION=$(date +v%Y.%-m.%-d)" >> $GITHUB_OUTPUT
- name: Ensure Release Does Not Exist
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release delete $RELEASE_VERSION || true
release-brew:
runs-on: macos-latest
needs: release-version
env:
RELEASE_VERSION: ${{ needs.release-version.outputs.release_version }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: 'true'
token: ${{ secrets.ORG_GITHUB_TOKEN }}
- name: Fetch All Tags
run: git fetch --force --tags
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: src/go.mod
- name: Cache Go modules
uses: actions/cache@v4
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Import GPG Key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
- name: Ensure Changelog
run: |
git config user.name "OpsLevel Bots"
git config user.email "bots@opslevel.com"
if test -f ./.changes/$RELEASE_VERSION.md
then
echo "Skip Changie..."
else
go install github.com/miniscruff/changie@latest
changie batch $RELEASE_VERSION
changie merge
git add .
git commit -m "Cut Release '$RELEASE_VERSION'"
git push origin HEAD
fi
git tag -f $RELEASE_VERSION -m "Cut Release '$RELEASE_VERSION'"
git push -f origin refs/tags/$RELEASE_VERSION
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v5.0.0
with:
args: release --clean --release-notes=../.changes/${{ needs.release-version.outputs.release_version }}.md
workdir: ./src
env:
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ORG_GITHUB_TOKEN: ${{ secrets.ORG_GITHUB_TOKEN }}
- name: Checkout
uses: actions/checkout@v4
with:
repository: OpsLevel/homebrew-tap
token: ${{ secrets.ORG_GITHUB_TOKEN }}
path: homebrew-tap
- name: Update homebrew
working-directory: homebrew-tap
run: |
cd Formula
awk -v ver="${RELEASE_VERSION}" '/version/, /tags/ {sub(/[0-9]+\.[0-9]+\.[0-9]+/, ver)} {print}' kubectl.rb > tmp.rb
mv tmp.rb kubectl.rb
git config user.name "OpsLevel Bots"
git config user.email "bots@opslevel.com"
git add .
git commit -m "Brew formula update for kubectl-opslevel version v$RELEASE_VERSION"
git push -f origin HEAD
release-docker:
runs-on: ubuntu-latest
needs: release-version
env:
RELEASE_VERSION: ${{ needs.release-version.outputs.RELEASE_VERSION }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
token: ${{ secrets.ORG_GITHUB_TOKEN }}
- name: Fetch All Tags
run: git fetch --force --tags
- name: Login to Public ECR
uses: docker/login-action@v3
with:
registry: ${{ secrets.ECR_PUBLIC_REGISTRY }}
username: ${{ secrets.ECR_PUBLIC_AWS_ACCESS_KEY_ID }}
password: ${{ secrets.ECR_PUBLIC_AWS_SECRET_ACCESS_KEY }}
env:
AWS_REGION: us-east-1
- name: Docker Build And Push
env:
IMAGE: "public.ecr.aws/opslevel/kubectl-opslevel"
run: |
cd ./src
docker build \
-t "${IMAGE}:latest" \
-t "${IMAGE}:${RELEASE_VERSION}" \
--build-arg="VERSION=${RELEASE_VERSION}" \
--build-arg="COMMIT=${GITHUB_SHA::7}" .
docker push "${IMAGE}:latest"
docker push "${IMAGE}:${RELEASE_VERSION}"
report-release:
needs: [release-brew, release-docker]
runs-on: ubuntu-latest
steps:
- name: Report Release To OpsLevel
uses: opslevel/report-deploy-github-action@v0.7.0
with:
integration_url: ${{ secrets.DEPLOY_INTEGRATION_URL }}
service: "opslevel_kubernetes_sync"