-
Notifications
You must be signed in to change notification settings - Fork 3
134 lines (119 loc) · 5 KB
/
changelog-cd.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
name: Changelog generator CD
on:
push:
branches:
- main
paths:
- tools/changelog
tags:
- "tools/changelog/v[0-9]+.[0-9]+.[0-9]+**"
pull_request:
paths:
- tools/changelog/workflows/cd.yaml
- .github/workflows/changelog-cd.yaml
env:
TOOL_DIRECTORY: tools/changelog
jobs:
release:
name: Release
runs-on: ubuntu-latest
permissions:
contents: write # Needed to create the release
packages: write # Needed to upload the images to GHCR
steps:
# Setup
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Create event-specific values
id: setup
run: |
# Determine if the workflow was triggered via a push to main or a tag
# and get the version based off of that
if [[ "${GITHUB_REF}" =~ refs/tags/.* ]]; then
# Transforms tag refs like refs/tags/tools/changelog/v1.2.3 into v1.2.3
echo "version=${GITHUB_REF#refs/tags/tools/changelog}" >> "${GITHUB_OUTPUT}"
# Eventually the parse-version action from the teleport.e repo
# should move into this repo and replace this logic
echo "should-release=true" >> "${GITHUB_OUTPUT}"
# Any '-' character means in a tag ref means that it is a prerelease
if [[ "${GITHUB_REF}" == *-* ]]; then
echo "is-prerelease=true" >> "${GITHUB_OUTPUT}"
fi
fi
# Build the binaries
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: '${{ env.TOOL_DIRECTORY }}/go.mod'
- name: Build the project
working-directory: ${{ env.TOOL_DIRECTORY }}
run: |
make tarball OS=linux ARCH=amd64
make tarball OS=linux ARCH=arm64
make tarball OS=darwin ARCH=amd64
make tarball OS=darwin ARCH=arm64
make tarball OS=windows ARCH=arm64
# Build and push the image
- name: Install docker buildx
uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0
- name: Login to GitHub Container Registry
id: login-ghcr
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Prepare container image labels and tags
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: |
ghcr.io/${{ github.repository_owner }}/changelog
flavor: |
latest=false
# Enable sha tag on branch push events and pull requests.
# Enable semver tags on tag push events, but don't overwrite major/minor tags for prereleases.
# Semver tags won't be generated except upon tag events.
tags: |
type=sha,prefix=v0.0.0-{{branch}}-,enable=${{ startsWith(github.ref, 'refs/heads/') }}
type=sha,prefix=v0.0.0-{{base_ref}}-,enable=${{ github.event_name == 'pull_request' }}
type=semver,pattern={{major}},value=${{ steps.setup.outputs.version }},enable=${{ steps.setup.outputs.is-prerelease != 'true' }}
type=semver,pattern={{major}}.{{minor}},value=${{ steps.setup.outputs.version }},enable=${{ steps.setup.outputs.is-prerelease != 'true' }}
type=semver,pattern={{version}},value=${{ steps.setup.outputs.version }}
- name: Build the container image and push
uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 # v6.4.1
with:
context: ${{ env.TOOL_DIRECTORY }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: |
linux/amd64
linux/arm64
provenance: true
sbom: true
# File a new release with the tarballs attached
- name: Create a new GitHub release
if: ${{ steps.setup.outputs.should-release == 'true' }}
working-directory: ${{ env.TOOL_DIRECTORY }}
env:
VERSION: ${{ steps.setup.outputs.version }}
IS_PRERELEASE: ${{ steps.setup.outputs.is-prerelease }}
run: |
if [[ "${IS_PRERELEASE}" == 'true' ]]; then
EXTRA_FLAGS=("--prerelease")
else
EXTRA_FLAGS=("--latest")
fi
readarray -d '' RELEASE_TARBALLS < <(
find . -name '*.tar.gz' -print0
)
echo "Creating a release for ${VERSION} with files:"
ls -lh "${RELEASE_TARBALLS[@]}"
gh release create --title "changelog ${VERSION}" --verify-tag \
--generate-notes "${EXTRA_FLAGS[@]}" "${GITHUB_REF_NAME}" \
"${RELEASE_TARBALLS[@]}"