Skip to content

Release package

Release package #118

name: Release package
on:
workflow_dispatch:
inputs:
release-type:
description: 'Release type (one of): patch, minor, major'
required: true
permissions:
contents: write
jobs:
checkout-repo-and-bump-version:
runs-on: buildjet-2vcpu-ubuntu-2204
name: Check out Repo and Bump Version
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Bump version
shell: bash
run: |
sudo apt-get install -y moreutils
docker pull usvc/semver:latest
version=$(cat composer.json | jq -r .version)
bumpType=${{ github.event.inputs.release-type }}
newVersion="$(docker run usvc/semver:latest bump $bumpType $version | tr -d '\r')"
newVersionWithoutPatch=$(echo "$newVersion" | cut -d'.' -f1,2)
newVersionWithoutMinor=$(echo "$newVersion" | cut -d'.' -f1)
jq --arg newVersion "$newVersion" '.version = $newVersion' composer.json | sponge composer.json
echo "New version: $newVersion"
mkdir -p /tmp/ci-env
echo "NEW_VERSION=$newVersion" >> /tmp/ci-env/NEW_VERSION.txt
echo "NEW_VERSION_WITHOUT_PATCH=$newVersionWithoutPatch" >> /tmp/ci-env/NEW_VERSION.txt
echo "NEW_VERSION_WITHOUT_MINOR=$newVersionWithoutMinor" >> /tmp/ci-env/NEW_VERSION.txt
echo "NEW_VERSION=$newVersion" >> $GITHUB_ENV
cat /tmp/ci-env/NEW_VERSION.txt
echo "Update version in command examples within documentation"
find ./docs/api-endpoints -type f -exec sed -i "s/$version/$newVersion/g" {} \;
find ./docs/commands/assets -type f -exec sed -i "s/$version/$newVersion/g" {} \;
- name: Update changelog unreleased section with new version
uses: superfaceai/release-changelog-action@v3
with:
path-to-changelog: CHANGELOG.md
version: ${{ env.NEW_VERSION }}
operation: release
- name: Archive working folder for artifact
shell: bash
run: |
tar --exclude='.git' -czf /tmp/bumped-repo.tar.gz .
cd /tmp/ci-env/
tar -czf /tmp/ci-env.tar.gz .
- uses: actions/upload-artifact@v4
with:
name: bumped-repo
path: /tmp/bumped-repo.tar.gz
retention-days: 7
- uses: actions/upload-artifact@v4
with:
name: ci-env
path: /tmp/ci-env.tar.gz
retention-days: 7
build-docker-image-amd:
runs-on: buildjet-4vcpu-ubuntu-2204
name: Build Docker Image - AMD
timeout-minutes: 20
needs: checkout-repo-and-bump-version
steps:
- uses: actions/download-artifact@v4
with:
name: bumped-repo
path: /tmp
- uses: actions/download-artifact@v4
with:
name: ci-env
path: /tmp
- name: Extract artifacts
shell: bash
run: |
ls -la /tmp
tar xvfz /tmp/bumped-repo.tar.gz -C ./
ls -la
mkdir -p /tmp/ci-env
tar xvfz /tmp/ci-env.tar.gz -C /tmp/ci-env/
ls -la /tmp/ci-env
- name: Load version from artifact
shell: bash
run: |
ls -la /tmp/ci-env
cat /tmp/ci-env/NEW_VERSION.txt
cat /tmp/ci-env/NEW_VERSION.txt >> $GITHUB_ENV
- name: Debug version
run: |
echo $NEW_VERSION
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build Docker image - AMD
run: |
docker build \
--target production \
--build-arg="VERSION=${{ env.NEW_VERSION }}" \
--no-cache \
-t api:latest-amd \
-f ./docker/Dockerfile \
.
docker save api:latest-amd | gzip > api-latest-amd.tar.gz
- uses: actions/upload-artifact@v4
with:
name: docker-image-api-latest-amd
path: api-latest-amd.tar.gz
retention-days: 7
build-docker-image-arm:
runs-on: buildjet-4vcpu-ubuntu-2204-arm
name: Build Docker Image - ARM
timeout-minutes: 20
needs: checkout-repo-and-bump-version
steps:
- uses: actions/download-artifact@v4
with:
name: bumped-repo
path: /tmp
- uses: actions/download-artifact@v4
with:
name: ci-env
path: /tmp
- name: Extract artifacts
shell: bash
run: |
ls -la /tmp
tar xvfz /tmp/bumped-repo.tar.gz -C ./
ls -la
mkdir -p /tmp/ci-env
tar xvfz /tmp/ci-env.tar.gz -C /tmp/ci-env/
ls -la /tmp/ci-env
- name: Load version from artifact
shell: bash
run: |
ls -la /tmp/ci-env
cat /tmp/ci-env/NEW_VERSION.txt
cat /tmp/ci-env/NEW_VERSION.txt >> $GITHUB_ENV
- name: Debug version
run: |
echo $NEW_VERSION
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build Docker image - ARM
run: |
docker build \
--target production \
--build-arg="VERSION=${{ env.NEW_VERSION }}" \
--no-cache \
-t api:latest-arm \
-f ./docker/Dockerfile \
.
docker save api:latest-arm | gzip > api-latest-arm.tar.gz
- uses: actions/upload-artifact@v4
with:
name: docker-image-api-latest-arm
path: api-latest-arm.tar.gz
retention-days: 7
publish-release:
runs-on: buildjet-2vcpu-ubuntu-2204
name: Publish release
timeout-minutes: 10
needs: [build-docker-image-amd, build-docker-image-arm]
steps:
- shell: bash
run: |
pwd
ls -la
- uses: actions/checkout@v4
- shell: bash
run: |
pwd
ls -la
git config -l | cat
- uses: actions/download-artifact@v4
with:
name: bumped-repo
path: /tmp
- uses: actions/download-artifact@v4
with:
name: ci-env
path: /tmp
- name: Extract artifacts
shell: bash
run: |
ls -la /tmp
tar xvfz /tmp/bumped-repo.tar.gz -C ./
ls -la
mkdir -p /tmp/ci-env
tar xvfz /tmp/ci-env.tar.gz -C /tmp/ci-env/
ls -la /tmp/ci-env
- shell: bash
run: |
pwd
ls -la
git config -l | cat
- name: Load version from artifact
shell: bash
run: |
ls -la /tmp/ci-env
cat /tmp/ci-env/NEW_VERSION.txt
cat /tmp/ci-env/NEW_VERSION.txt >> $GITHUB_ENV
- name: Debug version
run: |
echo "${{ env.NEW_VERSION }}"
echo "${{ env.NEW_VERSION_WITHOUT_PATCH }}"
echo "${{ env.NEW_VERSION_WITHOUT_MINOR }}"
# see also https://github.com/Nautilus-Cyberneering/pygithub
- name: Import GPG key
id: import-gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
git_user_signingkey: true
git_commit_gpgsign: true
- name: Debug GPG
run: |
echo "fingerprint: ${{ steps.import-gpg.outputs.fingerprint }}"
echo "keyid: ${{ steps.import-gpg.outputs.keyid }}"
echo "name: ${{ steps.import-gpg.outputs.name }}"
echo "email: ${{ steps.import-gpg.outputs.email }}"
- name: Git configuration
run: |
git config --global user.email "${{ steps.import-gpg.outputs.email }}"
git config --global user.name "${{ steps.import-gpg.outputs.name }}"
- name: Commit changes and create tag
run: |
git add .
git commit -m "chore: release ${{ env.NEW_VERSION }}"
git tag ${{ env.NEW_VERSION }}
- uses: actions/download-artifact@v4
with:
name: docker-image-api-latest-amd
path: /tmp/docker
- uses: actions/download-artifact@v4
with:
name: docker-image-api-latest-arm
path: /tmp/docker
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Create multi arch Docker image
shell: bash
run: |
ls -la /tmp/docker
docker load < /tmp/docker/api-latest-amd.tar.gz
docker load < /tmp/docker/api-latest-arm.tar.gz
docker tag api:latest-amd embernexus/api:tmp-latest-amd
docker tag api:latest-arm embernexus/api:tmp-latest-arm
docker tag api:latest-amd embernexus/api:${{ env.NEW_VERSION }}-amd
docker tag api:latest-arm embernexus/api:${{ env.NEW_VERSION }}-arm
docker save embernexus/api:${{ env.NEW_VERSION }}-amd | gzip > /tmp/docker/docker-image-ember-nexus-api-${{ env.NEW_VERSION }}-amd.tar.gz
docker save embernexus/api:${{ env.NEW_VERSION }}-arm | gzip > /tmp/docker/docker-image-ember-nexus-api-${{ env.NEW_VERSION }}-arm.tar.gz
docker push embernexus/api:tmp-latest-amd
docker push embernexus/api:tmp-latest-arm
echo "Creating and pushing multi arch image embernexus/api:latest"
docker manifest create \
embernexus/api:latest \
--amend embernexus/api:tmp-latest-amd \
--amend embernexus/api:tmp-latest-arm
docker manifest push embernexus/api:latest
echo "Creating and pushing multi arch image embernexus/api:${{ env.NEW_VERSION }}"
docker manifest create \
embernexus/api:${{ env.NEW_VERSION }} \
--amend embernexus/api:tmp-latest-amd \
--amend embernexus/api:tmp-latest-arm
docker manifest push embernexus/api:${{ env.NEW_VERSION }}
echo "Creating and pushing multi arch image embernexus/api:${{ env.NEW_VERSION_WITHOUT_PATCH }}"
docker manifest create \
embernexus/api:${{ env.NEW_VERSION_WITHOUT_PATCH }} \
--amend embernexus/api:tmp-latest-amd \
--amend embernexus/api:tmp-latest-arm
docker manifest push embernexus/api:${{ env.NEW_VERSION_WITHOUT_PATCH }}
echo "Creating and pushing multi arch image embernexus/api:${{ env.NEW_VERSION_WITHOUT_MINOR }}"
docker manifest create \
embernexus/api:${{ env.NEW_VERSION_WITHOUT_MINOR }} \
--amend embernexus/api:tmp-latest-amd \
--amend embernexus/api:tmp-latest-arm
docker manifest push embernexus/api:${{ env.NEW_VERSION_WITHOUT_MINOR }}
echo "Creating temporary JWT key for Docker Hub"
export TMP_DOCKERHUB_JWT_TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d '{"username": "'${{ secrets.DOCKERHUB_USERNAME}}'", "password": "'${{ secrets.DOCKERHUB_TOKEN }}'"}' https://hub.docker.com/v2/users/login/ | jq -r .token)
echo "Deleting Docker Hub tag embernexus/api:tmp-latest-amd"
curl -s -X DELETE -H "Authorization: JWT ${TMP_DOCKERHUB_JWT_TOKEN}" https://hub.docker.com/v2/repositories/embernexus/api/tags/tmp-latest-amd
echo "Deleting Docker Hub tag embernexus/api:tmp-latest-arm"
curl -s -X DELETE -H "Authorization: JWT ${TMP_DOCKERHUB_JWT_TOKEN}" https://hub.docker.com/v2/repositories/embernexus/api/tags/tmp-latest-arm
echo "Unsetting temporary Docker Hub JWT key"
unset TMP_DOCKERHUB_JWT_TOKEN
echo "Finished"
- name: Push repository changes
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
git push origin && git push --tags
- name: Read version changelog
id: get-changelog
uses: superfaceai/release-changelog-action@v3
with:
path-to-changelog: CHANGELOG.md
version: ${{ env.NEW_VERSION }}
operation: read
- name: Update GitHub release changelog
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ env.NEW_VERSION }}
body: ${{ steps.get-changelog.outputs.changelog }}
prerelease: ${{ startsWith(github.event.inputs.release-type, 'pre') }}
token: ${{ secrets.RELEASE_TOKEN }}
files: |
/tmp/docker/docker-image-ember-nexus-api-${{ env.NEW_VERSION }}-amd.tar.gz
/tmp/docker/docker-image-ember-nexus-api-${{ env.NEW_VERSION }}-arm.tar.gz
# disabled due to low credits in free tier (5 per month)
# - name: Initiate Originstamp certificate
# run: |
# curl -X POST "http://api.originstamp.com/v4/timestamp/create" \
# -H "Content-Type: application/json" \
# -H "Authorization: ${{ secrets.ORIGINSTAMP_AUTH_TOKEN }}" \
# -d \
# "{
# \"comment\": \"Release ${{ env.NEW_VERSION }} of ember-nexus/web-sdk\",
# \"hash\": \"${{ env.SHA }}\"
# }"
# env:
# SHA: ${{ github.sha }}
#
# - uses: JasonEtco/create-an-issue@v2
# env:
# GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
# NEW_VERSION: ${{ env.NEW_VERSION }}
# with:
# filename: .github/ISSUE_TEMPLATE_POST_RELEASE_TASK.md