-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: update build and release workflows
- Loading branch information
Showing
9 changed files
with
211 additions
and
251 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,68 +1,54 @@ | ||
| name: Build | ||
| on: pull_request | ||
| name: build | ||
| on: | ||
| pull_request: | ||
| branches: | ||
| - main | ||
| permissions: {} | ||
| jobs: | ||
| build: | ||
| build-snapshot: | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Install Go | ||
| uses: actions/setup-go@v5 | ||
| with: | ||
| go-version: stable | ||
| - name: Set up environment | ||
| run: echo "GOVERSION=$(go version)" >> $GITHUB_ENV | ||
| - name: Run GoReleaser | ||
| uses: goreleaser/goreleaser-action@v5 | ||
| with: | ||
| version: latest | ||
| args: build --snapshot --rm-dist | ||
| - name: Tar up binaries | ||
| # work around limitations in the upload/download artifact actions | ||
| # https://github.com/actions/download-artifact#limitations | ||
| run: tar -cvf dist.tar dist | ||
| - name: Upload binaries tar file | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: dist.tar | ||
| path: dist.tar | ||
| buildimage: | ||
| if: ${{ !startsWith(github.head_ref, 'dependabot/') }} | ||
| strategy: | ||
| matrix: | ||
| binary: | ||
| - ssh-portal-api | ||
| - ssh-portal | ||
| - ssh-portal-api | ||
| - ssh-token | ||
| needs: build | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Download binaries tar file | ||
| uses: actions/download-artifact@v4 | ||
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
| with: | ||
| ref: ${{ github.event.pull_request.head.sha }} | ||
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | ||
| with: | ||
| name: dist.tar | ||
| - name: Untar binaries | ||
| run: tar -xvf dist.tar | ||
| go-version: stable | ||
| - run: echo "GOVERSION=$(go version)" >> "$GITHUB_ENV" | ||
| - uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0 | ||
| with: | ||
| version: latest | ||
| args: build --clean --debug --single-target --snapshot | ||
| - name: Login to GHCR | ||
| uses: docker/login-action@v3 | ||
| if: github.actor != 'dependabot[bot]' | ||
| uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Docker metadata | ||
| # this id is namespaced per matrix run | ||
| - name: Get Docker metadata | ||
| if: github.actor != 'dependabot[bot]' | ||
| id: docker_metadata | ||
| uses: docker/metadata-action@v5 | ||
| uses: docker/metadata-action@9dc751fe249ad99385a2583ee0d084c400eee04e # v5.4.0 | ||
| with: | ||
| images: ghcr.io/uselagoon/lagoon-ssh-portal/${{ matrix.binary }} | ||
| images: ghcr.io/${{ github.repository }}/${{ matrix.binary }} | ||
| - run: echo "GITHUB_REPOSITORY_NAME=$(basename ${{ github.repository }})" >> "$GITHUB_ENV" | ||
| - name: Build and push ${{ matrix.binary }} container image | ||
| id: docker_build | ||
| uses: docker/build-push-action@v5 | ||
| if: github.actor != 'dependabot[bot]' | ||
| uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 | ||
| with: | ||
| push: true | ||
| tags: ${{ steps.docker_metadata.outputs.tags }} | ||
| labels: ${{ steps.docker_metadata.outputs.labels }} | ||
| file: deploy/${{ matrix.binary }}/Dockerfile | ||
| file: Dockerfile | ||
| build-args: BINARY=${{ matrix.binary }} | ||
| context: dist/${{ matrix.binary }}_linux_amd64_v1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,25 +1,27 @@ | ||
| name: Release | ||
| name: release | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| permissions: {} | ||
| jobs: | ||
| tag: | ||
| release-tag: | ||
| permissions: | ||
| # create tag | ||
| contents: write | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| new-tag: ${{ steps.bump-tag.outputs.new }} | ||
| new-tag-version: ${{ steps.bump-tag.outputs.new_tag_version }} | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Configure Git | ||
| - name: Configure git | ||
| run: | | ||
| git config --global user.name "$GITHUB_ACTOR" | ||
| git config --global user.email "[email protected]" | ||
| - name: Install Go | ||
| uses: actions/setup-go@v5 | ||
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | ||
| with: | ||
| go-version: stable | ||
| - name: Install ccv | ||
|
|
@@ -29,82 +31,43 @@ jobs: | |
| - name: Bump tag if necessary | ||
| id: bump-tag | ||
| run: | | ||
| if [ -z $(git tag -l $(ccv)) ]; then | ||
| git tag $(ccv) | ||
| if [ -z "$(git tag -l "$(ccv)")" ]; then | ||
| git tag "$(ccv)" | ||
| git push --tags | ||
| echo "::set-output name=new::true" | ||
| echo "::set-output name=new_tag_version::$(git tag --points-at HEAD)" | ||
| echo "new=true" >> "$GITHUB_OUTPUT" | ||
| echo "new_tag_version=$(git tag --points-at HEAD)" >> "$GITHUB_OUTPUT" | ||
| fi | ||
| release: | ||
| needs: tag | ||
| if: needs.tag.outputs.new-tag == 'true' | ||
| release-build: | ||
| permissions: | ||
| # create release | ||
| contents: write | ||
| # push docker images to regsitry | ||
| packages: write | ||
| # use OIDC token for signing | ||
| id-token: write | ||
| needs: release-tag | ||
| if: needs.release-tag.outputs.new-tag == 'true' | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Install Go | ||
| uses: actions/setup-go@v5 | ||
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | ||
| with: | ||
| go-version: stable | ||
| - name: Set up environment | ||
| run: echo "GOVERSION=$(go version)" >> $GITHUB_ENV | ||
| - name: Run GoReleaser | ||
| uses: goreleaser/goreleaser-action@v5 | ||
| with: | ||
| version: latest | ||
| args: release --rm-dist | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Tar up binaries | ||
| run: tar -cvf dist.tar dist | ||
| - name: Upload binaries tar file | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: dist.tar | ||
| path: dist.tar | ||
| releaseimage: | ||
| strategy: | ||
| matrix: | ||
| binary: | ||
| - ssh-portal-api | ||
| - ssh-portal | ||
| - ssh-token | ||
| needs: | ||
| - tag | ||
| - release | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Download binaries tar file | ||
| uses: actions/download-artifact@v4 | ||
| with: | ||
| name: dist.tar | ||
| - name: Untar binaries | ||
| run: tar -xvf dist.tar | ||
| - name: Login to GHCR | ||
| uses: docker/login-action@v3 | ||
| uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Docker metadata | ||
| # this id is namespaced per matrix run | ||
| id: docker_metadata | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/uselagoon/lagoon-ssh-portal/${{ matrix.binary }} | ||
| tags: | | ||
| ${{ needs.tag.outputs.new-tag-version }} | ||
| latest | ||
| - name: Build and push ${{ matrix.binary }} container image | ||
| id: docker_build | ||
| uses: docker/build-push-action@v5 | ||
| - name: Set up environment | ||
| run: echo "GOVERSION=$(go version)" >> "$GITHUB_ENV" | ||
| - uses: sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3.0 | ||
| - uses: anchore/sbom-action/download-syft@5ecf649a417b8ae17dc8383dc32d46c03f2312df # v0.15.1 | ||
| - uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0 | ||
| with: | ||
| push: true | ||
| tags: ${{ steps.docker_metadata.outputs.tags }} | ||
| labels: ${{ steps.docker_metadata.outputs.labels }} | ||
| file: deploy/${{ matrix.binary }}/Dockerfile | ||
| context: dist/${{ matrix.binary }}_linux_amd64_v1 | ||
| version: latest | ||
| args: release --clean | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.