Skip to content

fix(ci): add tap secret to release action #287

fix(ci): add tap secret to release action

fix(ci): add tap secret to release action #287

Workflow file for this run

on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
workflow_dispatch:
name: Release
jobs:
build-runner:
name: Build Runner Docker Image
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Init Hermit
uses: cashapp/activate-hermit@v1
- name: Build
run: |
docker build -t ghcr.io/tbd54566975/ftl-runner:$GITHUB_SHA -t ghcr.io/tbd54566975/ftl-runner:latest -f Dockerfile.runner .
mkdir -p artifacts/ftl-runner
docker save -o artifacts/ftl-runner/ftl-runner.tar ghcr.io/tbd54566975/ftl-runner:latest
- name: Temporarily save Docker image
uses: actions/upload-artifact@v3
with:
name: docker-runner-artifact
path: artifacts/ftl-runner/ftl-runner.tar
retention-days: 1
build-controller:
name: Build Controller Docker Image
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Init Hermit
uses: cashapp/activate-hermit@v1
- name: Build
run: |
docker build -t ghcr.io/tbd54566975/ftl-controller:$GITHUB_SHA -t ghcr.io/tbd54566975/ftl-controller:latest -f Dockerfile.controller .
mkdir -p artifacts/ftl-controller
docker save -o artifacts/ftl-controller/ftl-controller.tar ghcr.io/tbd54566975/ftl-controller:latest
- name: Temporarily save Docker image
uses: actions/upload-artifact@v3
with:
name: docker-controller-artifact
path: artifacts/ftl-controller
retention-days: 1
release-docker:
name: Release Assets
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
needs: [build-runner, build-controller]
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Init Hermit
uses: cashapp/activate-hermit@v1
- name: Retrieve Runner Docker image
uses: actions/download-artifact@v3
with:
name: docker-runner-artifact
path: artifacts/ftl-runner
- name: Retrieve Controller Docker image
uses: actions/download-artifact@v3
with:
name: docker-controller-artifact
path: artifacts/ftl-controller
- name: Load Runner Docker image
run: docker load -i artifacts/ftl-runner/ftl-runner.tar
- name: Load Controller Docker image
run: docker load -i artifacts/ftl-controller/ftl-controller.tar
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Push Docker Images
run: |
version=$(git describe --tags --abbrev=0)
docker tag ghcr.io/tbd54566975/ftl-runner:latest ghcr.io/tbd54566975/ftl-runner:$GITHUB_SHA
docker tag ghcr.io/tbd54566975/ftl-runner:latest ghcr.io/tbd54566975/ftl-runner:$version
docker push -a ghcr.io/tbd54566975/ftl-runner
docker tag ghcr.io/tbd54566975/ftl-controller:latest ghcr.io/tbd54566975/ftl-controller:$GITHUB_SHA
docker tag ghcr.io/tbd54566975/ftl-controller:latest ghcr.io/tbd54566975/ftl-controller:$version
docker push -a ghcr.io/tbd54566975/ftl-controller
release-jars:
name: Release JARs
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Init Hermit
uses: cashapp/activate-hermit@v1
# Ideally we'd use Hermit's JDK, but this action creates the correct settings.xml for us.
- uses: actions/setup-java@v4
with:
java-version: "11"
distribution: "temurin"
server-id: "ossrh" # must match the serverId configured for the nexus-staging-maven-plugin
server-username: OSSRH_USERNAME
server-password: OSSRH_PASSWORD
gpg-passphrase: SIGN_KEY_PASS
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
cache: "maven"
- name: Publish JARs # Snapshots are published first, then the tagged release
run: |
mvn -U --batch-mode clean deploy -P release
mvn --batch-mode versions:set -DnewVersion=$(git describe --tags --abbrev=0 | cut -c2-) -DprocessAllModules -DgenerateBackupPoms=false
mvn -U --batch-mode clean deploy -P release
git clean -f *.flattened_pom.xml
env:
SIGN_KEY_PASS: ${{ secrets.GPG_PASSPHRASE }}
OSSRH_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
OSSRH_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
GITHUB_TOKEN: ${{ github.token }}
create-release:
name: Release Go Binaries
runs-on: ubuntu-latest
needs: [release-docker, release-jars]
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Init Hermit
uses: cashapp/activate-hermit@v1
- name: Build Cache
uses: ./.github/actions/build-cache
- name: Build Console
run: bit frontend/dist/index.html
- name: Publish Go Binaries
run: |
git ls-files -- '*.go' | xargs errtrace -w && go mod tidy
bit build/release/ftl
goreleaser release --skip=validate
env:
GITHUB_TOKEN: ${{ github.token }}
FTL_HOMEBREW_TOKEN: ${{ secrets.FTL_HOMEBREW_TOKEN }}