Skip to content

Release

Release #764

Workflow file for this run

# Copyright 2022 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
---
name: Release
"on":
workflow_run:
workflows: [Checks]
types: [completed]
branches: [main]
workflow_dispatch:
permissions:
contents: read
jobs:
release:
permissions:
contents: write # for Git to git push & cache write
name: Release
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' || github.event.workflow_dispatch }}
env:
IMAGE_REPO: quay.io/hacbs-contract/ec-cli
TAG: ${{ github.sha }}
steps:
# TODO: Enabling this seems to cause the host to run out of disk space.
# - name: Harden Runner
# uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
# with:
# egress-policy: audit
# disable-telemetry: true
- name: Checkout repository
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Cache
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with:
path: |
~/.cache/go-build
~/go/pkg/mod
.npm
key: main
- name: Setup Go environment
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: go.mod
cache: false
- name: Download go dependencies
run: |
go mod download
go mod download -modfile tools/go.mod
go mod download -modfile acceptance/go.mod
- name: Setup Node.js environment
uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
with:
node-version-file: 'package.json'
- name: Download NPM dependencies
run: npm ci
- name: Build distribution
run: make dist
- name: Registry login
run: podman login -u ${{ secrets.BUNDLE_PUSH_USER }} -p ${{ secrets.BUNDLE_PUSH_PASS }} quay.io
- name: Set up QEMU
uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0
- name: Create and push image
run: make dist-image-push IMAGE_TAG=$TAG IMAGE_REPO=$IMAGE_REPO ADD_IMAGE_TAG=snapshot
- name: Create and push the tekton bundle
env:
TASK: "tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml tasks/verify-definition/0.1/verify-definition.yaml"
run: make task-bundle-snapshot TASK_TAG=$TAG TASK=<( yq e ".spec.steps[].image? = \"$IMAGE_REPO:$TAG\"" $TASK | yq 'select(. != null)')
- name: Delete snapshot release and tag
run: |
echo ${{ secrets.GITHUB_TOKEN }} | gh auth login --with-token
RELEASE_ID=$(gh api \
-H 'Accept: application/vnd.github.v3+json' \
/repos/${{ github.repository }}/releases \
-q '.[] | select(.tag_name == "snapshot") | .id')
[[ -n "${RELEASE_ID}" ]] && gh api --method DELETE \
-H 'Accept: application/vnd.github.v3+json' \
"/repos/${{ github.repository }}/releases/${RELEASE_ID}"
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
git tag -a -f -m 'Development snapshot' snapshot
git push -f --tags
- name: Release
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
with:
prerelease: true
name: Rolling release
body: Stable rolling release. Version can be determined by running `ec version`
tag_name: snapshot
generate_release_notes: false
files: dist/*