Added local dev and release tooling to changelog tool #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Changelog generator CD | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - tools/changelog | |
| tags: | |
| - "tools/changelog/v[0-9]+.[0-9]+.[0-9]+**" | |
| pull_request: | |
| paths: | |
| - tools/changelog/workflows/cd.yaml | |
| - .github/workflows/changelog-cd.yaml | |
| env: | |
| TOOL_DIRECTORY: tools/changelog | |
| jobs: | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write # Needed to create the release | |
| packages: write # Needed to upload the images to GHCR | |
| steps: | |
| # Setup | |
| - name: Checkout repository | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Create event-specific values | |
| id: setup | |
| run: | | |
| # Determine if the workflow was triggered via a push to main or a tag | |
| # and get the version based off of that | |
| if [[ "${GITHUB_REF}" =~ refs/tags/.* ]]; then | |
| # Transforms tag refs like refs/tags/tools/changelog/v1.2.3 into v1.2.3 | |
| echo "version=${GITHUB_REF#refs/tags/tools/changelog}" >> "${GITHUB_OUTPUT}" | |
| # Eventually the parse-version action from the teleport.e repo | |
| # should move into this repo and replace this logic | |
| echo "should-release=true" >> "${GITHUB_OUTPUT}" | |
| # Any '-' character means in a tag ref means that it is a prerelease | |
| if [[ "${GITHUB_REF}" == *-* ]]; then | |
| echo "is-prerelease=true" >> "${GITHUB_OUTPUT}" | |
| fi | |
| fi | |
| # Build the binaries | |
| - name: Setup Go | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version-file: '${{ env.TOOL_DIRECTORY }}/go.mod' | |
| - name: Build the project | |
| working-directory: ${{ env.TOOL_DIRECTORY }} | |
| run: | | |
| make tarball OS=linux ARCH=amd64 | |
| make tarball OS=linux ARCH=arm64 | |
| make tarball OS=darwin ARCH=amd64 | |
| make tarball OS=darwin ARCH=arm64 | |
| make tarball OS=windows ARCH=arm64 | |
| # Build and push the image | |
| - name: Install docker buildx | |
| uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0 | |
| - name: Login to GitHub Container Registry | |
| id: login-ghcr | |
| uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Prepare container image labels and tags | |
| id: meta | |
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 | |
| with: | |
| images: | | |
| ghcr.io/${{ github.repository_owner }}/changelog | |
| flavor: | | |
| latest=false | |
| # Enable sha tag on branch push events and pull requests. | |
| # Enable semver tags on tag push events, but don't overwrite major/minor tags for prereleases. | |
| # Semver tags won't be generated except upon tag events. | |
| tags: | | |
| type=sha,prefix=v0.0.0-{{branch}}-,enable=${{ startsWith(github.ref, 'refs/heads/') }} | |
| type=sha,prefix=v0.0.0-{{base_ref}}-,enable=${{ github.event_name == 'pull_request' }} | |
| type=semver,pattern={{major}},value=${{ steps.setup.outputs.version }},enable=${{ steps.setup.outputs.is-prerelease != 'true' }} | |
| type=semver,pattern={{major}}.{{minor}},value=${{ steps.setup.outputs.version }},enable=${{ steps.setup.outputs.is-prerelease != 'true' }} | |
| type=semver,pattern={{version}},value=${{ steps.setup.outputs.version }} | |
| - name: Build the container image and push | |
| uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 # v6.4.1 | |
| with: | |
| context: ${{ env.TOOL_DIRECTORY }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| annotations: ${{ steps.meta.outputs.annotations }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| platforms: | | |
| linux/amd64 | |
| linux/arm64 | |
| provenance: true | |
| sbom: true | |
| # File a new release with the tarballs attached | |
| - name: Create a new GitHub release | |
| if: ${{ steps.setup.outputs.should-release == 'true' }} | |
| working-directory: ${{ env.TOOL_DIRECTORY }} | |
| env: | |
| VERSION: ${{ steps.setup.outputs.version }} | |
| IS_PRERELEASE: ${{ steps.setup.outputs.is-prerelease }} | |
| run: | | |
| if [[ "${IS_PRERELEASE}" == 'true' ]]; then | |
| EXTRA_FLAGS=("--prerelease") | |
| else | |
| EXTRA_FLAGS=("--latest") | |
| fi | |
| readarray -d '' RELEASE_TARBALLS < <( | |
| find . -name '*.tar.gz' -print0 | |
| ) | |
| echo "Creating a release for ${VERSION} with files:" | |
| ls -lh "${RELEASE_TARBALLS[@]}" | |
| gh release create --title "changelog ${VERSION}" --verify-tag \ | |
| --generate-notes "${EXTRA_FLAGS[@]}" "${GITHUB_REF_NAME}" \ | |
| "${RELEASE_TARBALLS[@]}" |