Skip to content

chore: bump duty to v1.0.778 (#1282) #775

chore: bump duty to v1.0.778 (#1282)

chore: bump duty to v1.0.778 (#1282) #775

Workflow file for this run

name: Create Release
on:
push:
branches:
- main
jobs:
semantic-release:
runs-on: ubuntu-latest
outputs:
release-version: ${{ steps.semantic.outputs.release-version }}
new-release-published: ${{ steps.semantic.outputs.new-release-published }}
steps:
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
- uses: codfish/semantic-release-action@cbd853afe12037afb1306caca9d6b1ab6a58cf2a # v1.10.0
id: semantic
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
binary:
runs-on: ubuntu-latest
needs: semantic-release
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
- uses: actions/setup-node@7c12f8017d5436eb855f1ed4399f037a36fbd9e8 # v2.5.2
with:
node-version: "16"
- name: Install Go
uses: buildjet/setup-go@v5
with:
go-version: v1.23.x
- uses: buildjet/cache@v4
with:
path: |
~/go/pkg/mod
~/.cache/go-build
.bin
key: cache-${{ hashFiles('**/go.sum') }}-${{ hashFiles('.bin/*') }}
restore-keys: |
cache-
- run: make release
env:
VERSION: v${{ needs.semantic-release.outputs.release-version }}
- name: Upload binaries to release
uses: svenstaro/upload-release-action@58d525808845e4c8ff229ea1d5d7c496504a79bc # v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ./.release/*
tag: v${{ needs.semantic-release.outputs.release-version }}
overwrite: true
file_glob: true
docker:
needs: semantic-release
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
- name: Publish to DockerHub Registry
uses: elgohr/Publish-Docker-Github-Action@ec61b713af46c32efaa27ac2626c2acb82ce6435 # v5
with:
name: flanksource/config-db
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
snapshot: true
dockerfile: build/Dockerfile
tags: "latest,v${{ needs.semantic-release.outputs.release-version }}"
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.ECR_AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR Public
id: login-ecr-public
uses: aws-actions/amazon-ecr-login@v2
with:
registry-type: public
- name: Publish to ECR Public
env:
REGISTRY: ${{ steps.login-ecr-public.outputs.registry }}
REGISTRY_ALIAS: k4y9r6y5
REPOSITORY: config-db
IMAGE_TAG: "v${{ needs.semantic-release.outputs.release-version }}"
run: |
docker build -t $REGISTRY/$REGISTRY_ALIAS/$REPOSITORY:$IMAGE_TAG -f build/Dockerfile .
docker push $REGISTRY/$REGISTRY_ALIAS/$REPOSITORY:$IMAGE_TAG
helm:
runs-on: ubuntu-latest
needs: [semantic-release, docker]
if: needs.semantic-release.outputs.new-release-published == 'true'
steps:
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
- name: Download yq
run: |
wget -nv -nc -O yq https://github.com/mikefarah/yq/releases/download/v4.20.2/yq_linux_amd64
chmod +x yq
- name: Set version
# Always use git tags as semantic release can fail due to rate limit
run: |
git fetch --prune --unshallow
echo "RELEASE_VERSION=$(git describe --abbrev=0 --tags | sed -e 's/^v//')" >> $GITHUB_ENV
- name: Update chart version
run: ./yq -i e '.version = "${{ env.RELEASE_VERSION }}"' chart/Chart.yaml
- name: Update app version
run: ./yq -i e '.appVersion = "${{ env.RELEASE_VERSION }}"' chart/Chart.yaml
- name: Update image tags
run: ./yq -i e '.image.tag = "v${{ env.RELEASE_VERSION }}"' chart/values.yaml
- name: Set up Helm
uses: azure/setup-helm@18bc76811624f360dbd7f18c2d4ecb32c7b87bab # v1.1
with:
version: v3.8.0
- name: Package Helm chart
run: |
helm package ./chart
- name: Clone charts repo
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
repository: "${{ github.repository_owner }}/charts"
path: charts
token: "${{ secrets.FLANKBOT }}"
- name: Update chart repo
run: |
cd charts
cp ../config-db-*.tgz ./
helm repo index --merge index.yaml .
- name: Push changes to chart repo
uses: stefanzweifel/git-auto-commit-action@3ea6ae190baf489ba007f7c92608f33ce20ef04a # v4.16.0
with:
commit_message: "Release ${{ needs.semantic-release.outputs.release-version }} of ${{ github.repository }}"
branch: gh-pages
repository: ./charts
update-incident-commander:
runs-on: ubuntu-latest
needs: [helm, semantic-release]
steps:
- uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
repository: "${{ github.repository_owner }}/incident-commander-chart"
token: ${{ secrets.FLANKBOT }}
path: ./incident-commander-chart
- name: Install yq
run: |
wget https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}.tar.gz -O - |\
tar xz && sudo mv ${BINARY} /usr/bin/yq
env:
VERSION: v4.25.1
BINARY: yq_linux_amd64
- name: Update config-db version in Incident-commander-chart
run: |
cd incident-commander-chart
yq eval-all -i '(.dependencies[] | select(.name == "config-db")) ref $d | $d.version = "${{ needs.semantic-release.outputs.release-version }}"' chart/Chart.yaml
yq eval-all -i '(.dependencies[] | select(.name == "config-db")) ref $d | $d.version = "${{ needs.semantic-release.outputs.release-version }}"' agent-chart/Chart.yaml
- name: Push changes to chart repo
uses: stefanzweifel/git-auto-commit-action@3ea6ae190baf489ba007f7c92608f33ce20ef04a # v4.16.0
with:
commit_message: "chore: update config-db chart dependency to ${{ needs.semantic-release.outputs.release-version }}"
repository: ./incident-commander-chart