release #419
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
workflow_dispatch: | |
inputs: | |
tag: | |
description: | | |
The version to release. | |
Depending on the value, a production release will be published to GitHub or not. | |
- In case of prerelease tags (e.g. v1.2.3-alpha.1) it will build-push the images (only standard tags, | |
i.e., v1.2.3-alpha.1), test them and publish a GitHub prerelease (labeled as non-production ready). | |
- In other cases (e.g. v1.2.3) it will build-push the images (standard and supplemental tags, | |
i.e., v1.2.3 and v1.2), test them and publish a production Github release. | |
required: true | |
latest: | |
description: 'Whether to tag this release latest' | |
required: true | |
type: boolean | |
default: false | |
jobs: | |
verify-manifest-tag: | |
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }} | |
runs-on: ubuntu-latest | |
outputs: | |
fullversion_tag: ${{ steps.semver_parser.outputs.fullversion }} | |
steps: | |
- uses: mukunku/[email protected] | |
id: check-tag | |
name: check if tag already exists | |
with: | |
tag: ${{ github.event.inputs.tag }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: fail if tag already exists | |
if: ${{ steps.check-tag.outputs.exists == 'true' }} | |
run: exit 1 | |
- name: checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Parse semver string | |
id: semver_parser | |
uses: booxmedialtd/[email protected] | |
with: | |
input_string: ${{ github.event.inputs.tag }} | |
version_extractor_regex: 'v(.*)$' | |
- name: Verify manifests have requested KIC tag | |
if: ${{ steps.semver_parser.outputs.prerelease == '' }} | |
env: | |
# We expect the tag used in manifests to be {major}.{minor} part of the version, e.g. | |
# for v2.10.3 we expect manifests to use 2.10 tag. | |
TAG: ${{ steps.semver_parser.outputs.major }}.${{ steps.semver_parser.outputs.minor }} | |
run: make verify.versions | |
build-push-images: | |
timeout-minutes: ${{ fromJSON(vars.GHA_EXTENDED_TIMEOUT_MINUTES) }} | |
environment: 'Docker Push' | |
needs: verify-manifest-tag | |
runs-on: ubuntu-latest | |
steps: | |
- name: checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Parse semver string | |
id: semver_parser | |
uses: booxmedialtd/[email protected] | |
with: | |
input_string: ${{ github.event.inputs.tag }} | |
version_extractor_regex: 'v(.*)$' | |
- name: Add standard tags | |
run: | | |
echo 'TAGS_STANDARD<<EOF' >> $GITHUB_ENV | |
echo 'type=raw,value=${{ steps.semver_parser.outputs.fullversion }}' >> $GITHUB_ENV | |
echo 'EOF' >> $GITHUB_ENV | |
- name: Add major.minor tag | |
if: ${{ steps.semver_parser.outputs.prerelease == '' }} | |
run: | | |
echo 'TAGS_SUPPLEMENTAL<<EOF' >> $GITHUB_ENV | |
echo "" >> $GITHUB_ENV | |
echo 'type=raw,value=${{ steps.semver_parser.outputs.major }}.${{ steps.semver_parser.outputs.minor }}' >> $GITHUB_ENV | |
echo 'EOF' >> $GITHUB_ENV | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Cache Docker layers | |
uses: actions/cache@v4 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
- name: Docker meta | |
id: meta | |
uses: docker/[email protected] | |
with: | |
images: kong/kubernetes-ingress-controller | |
flavor: | | |
latest=${{ github.event.inputs.latest == 'true' }} | |
tags: ${{ env.TAGS_STANDARD }}${{ env.TAGS_SUPPLEMENTAL }} | |
- name: Build binary | |
id: docker_build_binary | |
uses: docker/build-push-action@v5 | |
with: | |
push: false | |
file: Dockerfile | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
target: builder | |
platforms: linux/amd64, linux/arm64 | |
build-args: | | |
TAG=${{ steps.meta.outputs.version }} | |
COMMIT=${{ github.sha }} | |
REPO_INFO=https://github.com/${{ github.repository }}.git | |
- name: Build and push distroless image to DockerHub | |
id: docker_build | |
uses: docker/build-push-action@v5 | |
with: | |
push: true | |
file: Dockerfile | |
tags: ${{ steps.meta.outputs.tags }} | |
cache-from: type=local,src=/tmp/.buildx-cache | |
target: distroless | |
platforms: linux/amd64, linux/arm64 | |
build-args: | | |
TAG=${{ steps.meta.outputs.version }} | |
COMMIT=${{ github.sha }} | |
REPO_INFO=https://github.com/${{ github.repository }}.git | |
test-e2e: | |
needs: [verify-manifest-tag, build-push-images] | |
uses: ./.github/workflows/_e2e_tests.yaml | |
secrets: inherit | |
with: | |
kic-image: kong/kubernetes-ingress-controller:${{ needs.verify-manifest-tag.outputs.fullversion_tag }} | |
all-supported-k8s-versions: true | |
publish-release: | |
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }} | |
runs-on: ubuntu-latest | |
needs: [build-push-images, test-e2e] | |
steps: | |
- name: Parse semver string | |
id: semver_parser | |
uses: booxmedialtd/[email protected] | |
with: | |
input_string: ${{ github.event.inputs.tag }} | |
version_extractor_regex: 'v(.*)$' | |
- uses: ncipollo/release-action@v1 | |
with: | |
body: | | |
#### Download Kong Ingress Controller ${{ steps.semver_parser.outputs.fullversion }}: | |
- [Docker Image](https://hub.docker.com/repository/docker/kong/kubernetes-ingress-controller) | |
- [Get started](https://github.com/Kong/kubernetes-ingress-controller#get-started) | |
#### Links: | |
- [Changelog](https://github.com/Kong/kubernetes-ingress-controller/blob/main/CHANGELOG.md#${{ steps.semver_parser.outputs.major }}${{ steps.semver_parser.outputs.minor }}${{ steps.semver_parser.outputs.patch }}) | |
token: ${{ secrets.GITHUB_TOKEN }} | |
tag: ${{ github.event.inputs.tag }} | |
commit: ${{ github.sha }} | |
# When prerelease part of the input tag is not empty, make it a prerelease. | |
# The release will be labeled as non-production ready in GitHub. | |
prerelease: ${{ steps.semver_parser.outputs.prerelease != '' }} | |
makeLatest: ${{ github.event.inputs.latest == 'true' }} | |
update-latest-branch: | |
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }} | |
runs-on: ubuntu-latest | |
if: github.event.inputs.latest == 'true' | |
needs: | |
- publish-release | |
steps: | |
- name: checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Parse semver string | |
id: semver_parser | |
uses: booxmedialtd/[email protected] | |
with: | |
input_string: ${{ github.event.inputs.tag }} | |
version_extractor_regex: 'v(.*)$' | |
- name: update 'latest' branch | |
run: | | |
git checkout latest | |
git reset --hard v${{ steps.semver_parser.outputs.major }}.${{ steps.semver_parser.outputs.minor }}.${{ steps.semver_parser.outputs.patch }} | |
git push -f origin latest |