Release package #118
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release package | |
on: | |
workflow_dispatch: | |
inputs: | |
release-type: | |
description: 'Release type (one of): patch, minor, major' | |
required: true | |
permissions: | |
contents: write | |
jobs: | |
checkout-repo-and-bump-version: | |
runs-on: buildjet-2vcpu-ubuntu-2204 | |
name: Check out Repo and Bump Version | |
timeout-minutes: 10 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Bump version | |
shell: bash | |
run: | | |
sudo apt-get install -y moreutils | |
docker pull usvc/semver:latest | |
version=$(cat composer.json | jq -r .version) | |
bumpType=${{ github.event.inputs.release-type }} | |
newVersion="$(docker run usvc/semver:latest bump $bumpType $version | tr -d '\r')" | |
newVersionWithoutPatch=$(echo "$newVersion" | cut -d'.' -f1,2) | |
newVersionWithoutMinor=$(echo "$newVersion" | cut -d'.' -f1) | |
jq --arg newVersion "$newVersion" '.version = $newVersion' composer.json | sponge composer.json | |
echo "New version: $newVersion" | |
mkdir -p /tmp/ci-env | |
echo "NEW_VERSION=$newVersion" >> /tmp/ci-env/NEW_VERSION.txt | |
echo "NEW_VERSION_WITHOUT_PATCH=$newVersionWithoutPatch" >> /tmp/ci-env/NEW_VERSION.txt | |
echo "NEW_VERSION_WITHOUT_MINOR=$newVersionWithoutMinor" >> /tmp/ci-env/NEW_VERSION.txt | |
echo "NEW_VERSION=$newVersion" >> $GITHUB_ENV | |
cat /tmp/ci-env/NEW_VERSION.txt | |
echo "Update version in command examples within documentation" | |
find ./docs/api-endpoints -type f -exec sed -i "s/$version/$newVersion/g" {} \; | |
find ./docs/commands/assets -type f -exec sed -i "s/$version/$newVersion/g" {} \; | |
- name: Update changelog unreleased section with new version | |
uses: superfaceai/release-changelog-action@v3 | |
with: | |
path-to-changelog: CHANGELOG.md | |
version: ${{ env.NEW_VERSION }} | |
operation: release | |
- name: Archive working folder for artifact | |
shell: bash | |
run: | | |
tar --exclude='.git' -czf /tmp/bumped-repo.tar.gz . | |
cd /tmp/ci-env/ | |
tar -czf /tmp/ci-env.tar.gz . | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: bumped-repo | |
path: /tmp/bumped-repo.tar.gz | |
retention-days: 7 | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: ci-env | |
path: /tmp/ci-env.tar.gz | |
retention-days: 7 | |
build-docker-image-amd: | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
name: Build Docker Image - AMD | |
timeout-minutes: 20 | |
needs: checkout-repo-and-bump-version | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
name: bumped-repo | |
path: /tmp | |
- uses: actions/download-artifact@v4 | |
with: | |
name: ci-env | |
path: /tmp | |
- name: Extract artifacts | |
shell: bash | |
run: | | |
ls -la /tmp | |
tar xvfz /tmp/bumped-repo.tar.gz -C ./ | |
ls -la | |
mkdir -p /tmp/ci-env | |
tar xvfz /tmp/ci-env.tar.gz -C /tmp/ci-env/ | |
ls -la /tmp/ci-env | |
- name: Load version from artifact | |
shell: bash | |
run: | | |
ls -la /tmp/ci-env | |
cat /tmp/ci-env/NEW_VERSION.txt | |
cat /tmp/ci-env/NEW_VERSION.txt >> $GITHUB_ENV | |
- name: Debug version | |
run: | | |
echo $NEW_VERSION | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Build Docker image - AMD | |
run: | | |
docker build \ | |
--target production \ | |
--build-arg="VERSION=${{ env.NEW_VERSION }}" \ | |
--no-cache \ | |
-t api:latest-amd \ | |
-f ./docker/Dockerfile \ | |
. | |
docker save api:latest-amd | gzip > api-latest-amd.tar.gz | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: docker-image-api-latest-amd | |
path: api-latest-amd.tar.gz | |
retention-days: 7 | |
build-docker-image-arm: | |
runs-on: buildjet-4vcpu-ubuntu-2204-arm | |
name: Build Docker Image - ARM | |
timeout-minutes: 20 | |
needs: checkout-repo-and-bump-version | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
name: bumped-repo | |
path: /tmp | |
- uses: actions/download-artifact@v4 | |
with: | |
name: ci-env | |
path: /tmp | |
- name: Extract artifacts | |
shell: bash | |
run: | | |
ls -la /tmp | |
tar xvfz /tmp/bumped-repo.tar.gz -C ./ | |
ls -la | |
mkdir -p /tmp/ci-env | |
tar xvfz /tmp/ci-env.tar.gz -C /tmp/ci-env/ | |
ls -la /tmp/ci-env | |
- name: Load version from artifact | |
shell: bash | |
run: | | |
ls -la /tmp/ci-env | |
cat /tmp/ci-env/NEW_VERSION.txt | |
cat /tmp/ci-env/NEW_VERSION.txt >> $GITHUB_ENV | |
- name: Debug version | |
run: | | |
echo $NEW_VERSION | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Build Docker image - ARM | |
run: | | |
docker build \ | |
--target production \ | |
--build-arg="VERSION=${{ env.NEW_VERSION }}" \ | |
--no-cache \ | |
-t api:latest-arm \ | |
-f ./docker/Dockerfile \ | |
. | |
docker save api:latest-arm | gzip > api-latest-arm.tar.gz | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: docker-image-api-latest-arm | |
path: api-latest-arm.tar.gz | |
retention-days: 7 | |
publish-release: | |
runs-on: buildjet-2vcpu-ubuntu-2204 | |
name: Publish release | |
timeout-minutes: 10 | |
needs: [build-docker-image-amd, build-docker-image-arm] | |
steps: | |
- shell: bash | |
run: | | |
pwd | |
ls -la | |
- uses: actions/checkout@v4 | |
- shell: bash | |
run: | | |
pwd | |
ls -la | |
git config -l | cat | |
- uses: actions/download-artifact@v4 | |
with: | |
name: bumped-repo | |
path: /tmp | |
- uses: actions/download-artifact@v4 | |
with: | |
name: ci-env | |
path: /tmp | |
- name: Extract artifacts | |
shell: bash | |
run: | | |
ls -la /tmp | |
tar xvfz /tmp/bumped-repo.tar.gz -C ./ | |
ls -la | |
mkdir -p /tmp/ci-env | |
tar xvfz /tmp/ci-env.tar.gz -C /tmp/ci-env/ | |
ls -la /tmp/ci-env | |
- shell: bash | |
run: | | |
pwd | |
ls -la | |
git config -l | cat | |
- name: Load version from artifact | |
shell: bash | |
run: | | |
ls -la /tmp/ci-env | |
cat /tmp/ci-env/NEW_VERSION.txt | |
cat /tmp/ci-env/NEW_VERSION.txt >> $GITHUB_ENV | |
- name: Debug version | |
run: | | |
echo "${{ env.NEW_VERSION }}" | |
echo "${{ env.NEW_VERSION_WITHOUT_PATCH }}" | |
echo "${{ env.NEW_VERSION_WITHOUT_MINOR }}" | |
# see also https://github.com/Nautilus-Cyberneering/pygithub | |
- name: Import GPG key | |
id: import-gpg | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.PASSPHRASE }} | |
git_user_signingkey: true | |
git_commit_gpgsign: true | |
- name: Debug GPG | |
run: | | |
echo "fingerprint: ${{ steps.import-gpg.outputs.fingerprint }}" | |
echo "keyid: ${{ steps.import-gpg.outputs.keyid }}" | |
echo "name: ${{ steps.import-gpg.outputs.name }}" | |
echo "email: ${{ steps.import-gpg.outputs.email }}" | |
- name: Git configuration | |
run: | | |
git config --global user.email "${{ steps.import-gpg.outputs.email }}" | |
git config --global user.name "${{ steps.import-gpg.outputs.name }}" | |
- name: Commit changes and create tag | |
run: | | |
git add . | |
git commit -m "chore: release ${{ env.NEW_VERSION }}" | |
git tag ${{ env.NEW_VERSION }} | |
- uses: actions/download-artifact@v4 | |
with: | |
name: docker-image-api-latest-amd | |
path: /tmp/docker | |
- uses: actions/download-artifact@v4 | |
with: | |
name: docker-image-api-latest-arm | |
path: /tmp/docker | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Create multi arch Docker image | |
shell: bash | |
run: | | |
ls -la /tmp/docker | |
docker load < /tmp/docker/api-latest-amd.tar.gz | |
docker load < /tmp/docker/api-latest-arm.tar.gz | |
docker tag api:latest-amd embernexus/api:tmp-latest-amd | |
docker tag api:latest-arm embernexus/api:tmp-latest-arm | |
docker tag api:latest-amd embernexus/api:${{ env.NEW_VERSION }}-amd | |
docker tag api:latest-arm embernexus/api:${{ env.NEW_VERSION }}-arm | |
docker save embernexus/api:${{ env.NEW_VERSION }}-amd | gzip > /tmp/docker/docker-image-ember-nexus-api-${{ env.NEW_VERSION }}-amd.tar.gz | |
docker save embernexus/api:${{ env.NEW_VERSION }}-arm | gzip > /tmp/docker/docker-image-ember-nexus-api-${{ env.NEW_VERSION }}-arm.tar.gz | |
docker push embernexus/api:tmp-latest-amd | |
docker push embernexus/api:tmp-latest-arm | |
echo "Creating and pushing multi arch image embernexus/api:latest" | |
docker manifest create \ | |
embernexus/api:latest \ | |
--amend embernexus/api:tmp-latest-amd \ | |
--amend embernexus/api:tmp-latest-arm | |
docker manifest push embernexus/api:latest | |
echo "Creating and pushing multi arch image embernexus/api:${{ env.NEW_VERSION }}" | |
docker manifest create \ | |
embernexus/api:${{ env.NEW_VERSION }} \ | |
--amend embernexus/api:tmp-latest-amd \ | |
--amend embernexus/api:tmp-latest-arm | |
docker manifest push embernexus/api:${{ env.NEW_VERSION }} | |
echo "Creating and pushing multi arch image embernexus/api:${{ env.NEW_VERSION_WITHOUT_PATCH }}" | |
docker manifest create \ | |
embernexus/api:${{ env.NEW_VERSION_WITHOUT_PATCH }} \ | |
--amend embernexus/api:tmp-latest-amd \ | |
--amend embernexus/api:tmp-latest-arm | |
docker manifest push embernexus/api:${{ env.NEW_VERSION_WITHOUT_PATCH }} | |
echo "Creating and pushing multi arch image embernexus/api:${{ env.NEW_VERSION_WITHOUT_MINOR }}" | |
docker manifest create \ | |
embernexus/api:${{ env.NEW_VERSION_WITHOUT_MINOR }} \ | |
--amend embernexus/api:tmp-latest-amd \ | |
--amend embernexus/api:tmp-latest-arm | |
docker manifest push embernexus/api:${{ env.NEW_VERSION_WITHOUT_MINOR }} | |
echo "Creating temporary JWT key for Docker Hub" | |
export TMP_DOCKERHUB_JWT_TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d '{"username": "'${{ secrets.DOCKERHUB_USERNAME}}'", "password": "'${{ secrets.DOCKERHUB_TOKEN }}'"}' https://hub.docker.com/v2/users/login/ | jq -r .token) | |
echo "Deleting Docker Hub tag embernexus/api:tmp-latest-amd" | |
curl -s -X DELETE -H "Authorization: JWT ${TMP_DOCKERHUB_JWT_TOKEN}" https://hub.docker.com/v2/repositories/embernexus/api/tags/tmp-latest-amd | |
echo "Deleting Docker Hub tag embernexus/api:tmp-latest-arm" | |
curl -s -X DELETE -H "Authorization: JWT ${TMP_DOCKERHUB_JWT_TOKEN}" https://hub.docker.com/v2/repositories/embernexus/api/tags/tmp-latest-arm | |
echo "Unsetting temporary Docker Hub JWT key" | |
unset TMP_DOCKERHUB_JWT_TOKEN | |
echo "Finished" | |
- name: Push repository changes | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
git push origin && git push --tags | |
- name: Read version changelog | |
id: get-changelog | |
uses: superfaceai/release-changelog-action@v3 | |
with: | |
path-to-changelog: CHANGELOG.md | |
version: ${{ env.NEW_VERSION }} | |
operation: read | |
- name: Update GitHub release changelog | |
uses: softprops/action-gh-release@v2 | |
with: | |
tag_name: ${{ env.NEW_VERSION }} | |
body: ${{ steps.get-changelog.outputs.changelog }} | |
prerelease: ${{ startsWith(github.event.inputs.release-type, 'pre') }} | |
token: ${{ secrets.RELEASE_TOKEN }} | |
files: | | |
/tmp/docker/docker-image-ember-nexus-api-${{ env.NEW_VERSION }}-amd.tar.gz | |
/tmp/docker/docker-image-ember-nexus-api-${{ env.NEW_VERSION }}-arm.tar.gz | |
# disabled due to low credits in free tier (5 per month) | |
# - name: Initiate Originstamp certificate | |
# run: | | |
# curl -X POST "http://api.originstamp.com/v4/timestamp/create" \ | |
# -H "Content-Type: application/json" \ | |
# -H "Authorization: ${{ secrets.ORIGINSTAMP_AUTH_TOKEN }}" \ | |
# -d \ | |
# "{ | |
# \"comment\": \"Release ${{ env.NEW_VERSION }} of ember-nexus/web-sdk\", | |
# \"hash\": \"${{ env.SHA }}\" | |
# }" | |
# env: | |
# SHA: ${{ github.sha }} | |
# | |
# - uses: JasonEtco/create-an-issue@v2 | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} | |
# NEW_VERSION: ${{ env.NEW_VERSION }} | |
# with: | |
# filename: .github/ISSUE_TEMPLATE_POST_RELEASE_TASK.md |