-
Notifications
You must be signed in to change notification settings - Fork 11
84 lines (83 loc) · 3.88 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
name: Release kuberpult with semantic versioning
on:
workflow_dispatch:
jobs:
release:
name: Release kuberpult with semantic versioning
runs-on: ubuntu-latest
steps:
- name: Install earthly
uses: earthly/actions-setup@v1
with:
version: v0.8.13
- uses: actions/checkout@v4
with:
fetch-depth: 0 # needed for git describe/VERSION in Makefile
- name: Identify version to create
uses: go-semantic-release/action@v1
id: new-semrel-version
with:
dry: true
ghr: true
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Run helm chart tests
run: |
make -C charts/kuberpult test-helm
- name: Create helm chart for release
run: |
make -C charts/kuberpult release-tag VERSION=v${{ steps.new-semrel-version.outputs.version }}
- name: Login to Google Artifact Registry
uses: docker/login-action@v3
with:
registry: europe-west3-docker.pkg.dev
username: _json_key
password: ${{ secrets.GCP_ARTIFACT_REGISTRY_PUSH_JSON_KEY }}
- name: Re-tag service images with release version for google docker registry
run: |
echo 'If this step fails, ensure that the main github action is done. We rely on it to get the docker images.'
git fetch --tags # this should have been done by the checkout action before.
make tag-release-images RELEASE_IMAGE_TAG=v$RELEASE_IMAGE_VERSION
env:
RELEASE_IMAGE_VERSION: ${{ steps.new-semrel-version.outputs.version }}
- name: Re-tag CLI service image with release version for google docker registry
run: |
echo 'If this step fails, ensure that the main github action is done. We rely on it to get the docker images.'
git fetch --tags # this should have been done by the checkout action before.
make tag-cli-release-image RELEASE_IMAGE_TAG=v$RELEASE_IMAGE_VERSION
env:
RELEASE_IMAGE_VERSION: ${{ steps.new-semrel-version.outputs.version }}
- name: Create release
uses: go-semantic-release/action@v1
id: semrel
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
changelog-generator-opt: "emojis=true"
# By default, every release is a "pre-release" from now on.
# Setting this flag to true will happen manually (after testing).
prerelease: true
- name: Append helm chart to release
run: |
echo $VERSION
gh release upload v$VERSION charts/kuberpult/kuberpult-v$VERSION.tgz
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VERSION: ${{ steps.semrel.outputs.version }}
- name: Append vulnerability reports to release
run: |
echo $VERSION
earthly ./trivy+scan-all --kuberpult_version=v${VERSION}
gh release upload v$VERSION trivy/kuberpult-v${VERSION}-reports.tar.gz
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VERSION: ${{ steps.semrel.outputs.version }}
- name: Append postgres migrations to release
run: |
cd database/migrations
tar -czhf postgres_migrations.tar.gz postgres/
gh release upload v$VERSION ./postgres_migrations.tar.gz
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VERSION: ${{ steps.semrel.outputs.version }}
- name: Renovate standard-setup dev-env
run: |
curl -X POST -H "Content-type: application/json" "${{ format('https://cloudbuild.googleapis.com/v1/projects/fdc-standard-setup-dev-env/locations/europe-west1/triggers/fdc-standard-setup-dev-env-upgrade-dependencies-trigger:webhook?key={0}&secret={1}&trigger=fdc-standard-setup-dev-env-upgrade-dependencies-trigger&projectId=fdc-standard-setup-dev-env', secrets.DEV_ENV_CLOUD_BUILD_API_KEY, secrets.DEV_ENV_RENOVATE_WEBHOOK_KEY) }}" -d "{}"