-
Notifications
You must be signed in to change notification settings - Fork 0
48 lines (43 loc) · 1.64 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Copyright 2024 Defense Unicorns
# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
name: Release
on:
push:
branches:
- main
# Permissions for the GITHUB_TOKEN used by the workflow.
permissions:
contents: read # Allows reading the content of the repository.
packages: read # Allows reading the content of the repository's packages.
id-token: write
jobs:
tag-new-version:
permissions: write-all
runs-on: ubuntu-latest
outputs:
release_created: ${{ steps.release-flag.outputs.release_created }}
steps:
- name: Create Release Tag
id: tag
uses: googleapis/release-please-action@7987652d64b4581673a76e33ad5e98e3dd56832f # v4.1.3
- id: release-flag
run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> "$GITHUB_OUTPUT"
publish:
permissions:
contents: read # Allows reading the content of the repository.
packages: write # Allows reading the content of the repository's packages.
id-token: write
needs: tag-new-version
if: ${{ needs.tag-new-version.outputs.release_created == 'true' }}
strategy:
matrix:
flavor: [upstream]
architecture: [amd64, arm64]
exclude:
- flavor: registry1
architecture: arm64
uses: defenseunicorns/uds-common/.github/workflows/callable-publish.yaml@c52077c870a576d01f169f96d74d1b393c6488ba # v1.1.2
with:
flavor: ${{ matrix.flavor }}
runsOn: ${{ matrix.architecture == 'arm64' && 'uds-swf-ubuntu-arm64-4-core' || 'ubuntu-latest' }}
secrets: inherit # Inherits all secrets from the parent workflow.