auto-release #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: auto-release | |
| on: | |
| workflow_dispatch: # to manually force a release on ignore paths | |
| push: | |
| branches: | |
| - master | |
| paths-ignore: | |
| - '.github/**' | |
| - .gitignore | |
| - CONTRIBUTING.md | |
| - README.md | |
| - renovate.json5 | |
| - run-renovate-locally.bash | |
| jobs: | |
| build: | |
| name: "ship it" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Bump version | |
| id: bump-version | |
| uses: ietf-tools/semver-action@2415a9e79db34eb828a8dc1d20d4890725737227 # v1 | |
| with: | |
| token: ${{ github.token }} | |
| branch: master | |
| noVersionBumpBehavior: minor | |
| majorList: major | |
| - name: vendor-add-blob | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }} | |
| AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }} | |
| run: | | |
| set -x # enable traces | |
| #pwd | |
| #find . | |
| # configure git | |
| git config --global user.name "workflows/k9s-package/create-final-bosh-release" | |
| git config --global user.email "<>" | |
| git config --global --add safe.directory /github/workspace | |
| export VENDIR_GITHUB_API_TOKEN="${GITHUB_TOKEN}" | |
| ./vendor.sh | |
| echo "State after vendir:" | |
| tree -s src | |
| git add vendir.lock | |
| # FIXME: optimize for idempotency | |
| ./addblob.sh | |
| remote_repo="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git" | |
| git add config/blobs.yml | |
| git status | |
| if git commit -a --dry-run 2>&1 >/dev/null;then | |
| git commit -a -m "updating blobs" && \ | |
| git push ${remote_repo} HEAD:${GITHUB_REF_NAME} | |
| else | |
| echo "Nothing to commit" | |
| fi | |
| echo "Resulting State:" | |
| tree -s src | |
| if [ -d blobs ];then # The blobs dir is only present when a blob is modified or has not yet been published. | |
| tree -s blobs | |
| fi | |
| - name: create bosh release | |
| id: create-bosh-release | |
| uses: orange-cloudfoundry/create-bosh-release-action@916ad18a668fe168c7cd643a0f56e8e48623b3f6 # v1.0.3 | |
| with: | |
| target_branch: ${{github.ref_name}} | |
| tag_name: ${{ steps.bump-version.outputs.next}} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }} | |
| AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }} | |
| # see https://github.com/ncipollo/release-action | |
| - name: create github release | |
| id: create-github-release | |
| uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0 | |
| with: | |
| tag: ${{ steps.create-bosh-release.outputs.tagged_version }} | |
| draft: false | |
| allowUpdates: false # > indicates if we should update a release if it already exists. | |
| generateReleaseNotes: true | |
| artifacts: ./${{ steps.create-bosh-release.outputs.file }} | |
| artifactContentType: application/zip | |
| artifactErrorsFailBuild: true # > indicates if artifact read or upload errors should fail the build. |