This repository has been archived by the owner on Mar 16, 2024. It is now read-only.
Merge pull request #2455 from ibuildthecloud/main #1290
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: main-release | |
concurrency: | |
group: main-release | |
cancel-in-progress: true | |
on: | |
push: | |
branches: | |
- main | |
permissions: | |
contents: write | |
packages: write | |
jobs: | |
main-release: | |
runs-on: buildjet-32vcpu-ubuntu-2204 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
cache: false | |
go-version: "1.21" | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v2 | |
with: | |
buildkitd-flags: --debug | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Install Cosign | |
uses: sigstore/cosign-installer@main | |
with: | |
cosign-release: "v2.2.2" | |
- name: Setup Cosign | |
run: | | |
echo "${COSIGN_KEY}" > "$GITHUB_WORKSPACE/cosign.key" | |
env: | |
COSIGN_KEY: ${{ secrets.COSIGN_KEY }} | |
- run: make validate-code | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v4 | |
with: | |
distribution: goreleaser | |
version: v1.23.0 | |
args: release --clean --snapshot | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GH_PROJECT_TOKEN: ${{ secrets.GH_PROJECT_TOKEN }} | |
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} | |
AC_IDENTITY: ${{ secrets.AC_IDENTITY }} | |
AC_USERNAME: ${{ secrets.AC_USERNAME }} | |
AC_PASSWORD: ${{ secrets.AC_PASSWORD }} | |
AC_P12: ${{ secrets.AC_P12 }} | |
AC_P12_PASSWORD: ${{ secrets.AC_P12_PASSWORD }} | |
AC_ISSUER_ID: ${{ secrets.AC_ISSUER_ID }} | |
AC_KEY_ID: ${{ secrets.AC_KEY_ID }} | |
AC_PRIVATE_KEY: ${{ secrets.AC_PRIVATE_KEY }} | |
- name: Push Docker Images | |
run: | | |
VERSION=v$(cat releases/metadata.json | jq -r .version) | |
IMAGES=$(docker images --format "{{.Repository}}:{{.Tag}}" | grep "$VERSION") | |
for i in ${IMAGES}; do | |
docker push $i | |
done | |
docker manifest create ghcr.io/acorn-io/runtime:main ${IMAGES} | |
docker manifest push ghcr.io/acorn-io/runtime:main | |
docker manifest create ghcr.io/acorn-io/runtime:${VERSION} ${IMAGES} | |
docker manifest push ghcr.io/acorn-io/runtime:${VERSION} | |
- name: Upload to S3 | |
uses: jakejarvis/[email protected] | |
env: | |
SOURCE_DIR: releases | |
DEST_DIR: cli | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
AWS_S3_ENDPOINT: ${{ secrets.AWS_ENDPOINT }} | |
AWS_S3_BUCKET: ${{ secrets.AWS_BUCKET }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }} | |
- name: report failure to slack | |
if: failure() | |
id: slack-failure | |
uses: slackapi/[email protected] | |
with: | |
channel-id: "${{ secrets.SLACK_BOT_FAILURE_CHANNEL }}" | |
slack-message: "❌ Main-Release failed: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
env: | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} |