Skip to content

Commit

Permalink
Revert "debugging"
Browse files Browse the repository at this point in the history 
This reverts commit b3b43f1.
  • Loading branch information
@mowies
mowies committed Sep 5, 2023
1 parent b3b43f1 commit 00c0dbd
Showing 1 changed file with 111 additions and 1 deletion.
112 changes: 111 additions & 1 deletion .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:
id: release
with:
command: manifest
token: ${{ secrets.PAT }}
token: ${{ secrets.KEPTN_BOT_TOKEN }}
default-branch: main
signoff: "keptn-bot <[email protected]>"

Expand Down Expand Up @@ -124,3 +124,113 @@ jobs:
});
console.log("release matrix: " + JSON.stringify({ config: releaseMatrix }));
return { config: releaseMatrix };
build-release:
if: needs.release-please.outputs.releases-created == 'true'
needs:
- release-please
strategy:
matrix: ${{ fromJson(needs.release-please.outputs.build-matrix) }}
runs-on: ubuntu-22.04
permissions:
contents: write
packages: write
id-token: write
env:
IMAGE_NAME: ghcr.io/keptn/${{ matrix.config.name }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2

- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: "ghcr.io"
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Cosign
uses: sigstore/[email protected]

- name: Clean up image tag
id: clean-image-tag
env:
IMAGE_TAG: ${{ matrix.config.tagName }}
run: |
# Remove artifact prefix from tag so that we get clean image tags
temp="${IMAGE_TAG##klt-}"
temp="${temp##cert-manager-}"
temp="${temp##python-runtime-}"
temp="${temp##deno-runtime-}"
temp="${temp##scheduler-}"
temp="${temp##lifecycle-operator-}"
echo "IMAGE_TAG=${temp##metrics-operator-}" >> "$GITHUB_OUTPUT"
- name: Build Docker Image
id: docker_build_image
uses: docker/build-push-action@v4
with:
context: ${{ matrix.config.folder }}
platforms: linux/amd64,linux/arm64
target: production
tags: |
${{ env.IMAGE_NAME }}:${{ steps.clean-image-tag.outputs.IMAGE_TAG }}
build-args: |
GIT_HASH=${{ env.GIT_SHA }}
RELEASE_VERSION=dev-${{ env.DATETIME }}
BUILD_TIME=${{ env.BUILD_TIME }}
CONTROLLER_TOOLS_VERSION=${{ env.CONTROLLER_TOOLS_VERSION }}
SCHEDULER_COMPATIBLE_K8S_VERSION=${{ env.SCHEDULER_COMPATIBLE_K8S_VERSION }}
builder: ${{ steps.buildx.outputs.name }}
push: true
cache-from: type=gha,scope=${{ github.ref_name }}-${{ matrix.config.name }}
cache-to: type=gha,scope=${{ github.ref_name }}-${{ matrix.config.name }}

- name: Sign container image
env:
IMAGE_DIGEST: ${{ steps.docker_build_image.outputs.digest }}
run: |
cosign sign --yes ${{ env.IMAGE_NAME }}@${{ env.IMAGE_DIGEST }}
cosign verify \
--certificate-identity-regexp="https://github.com/keptn/lifecycle-toolkit/.*" \
--certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
${{ env.IMAGE_NAME }}@${{ env.IMAGE_DIGEST }}
- name: Generate SBOM
uses: anchore/[email protected]
with:
image: ${{ env.IMAGE_NAME }}:${{ steps.clean-image-tag.outputs.IMAGE_TAG }}
artifact-name: sbom-${{ matrix.config.name }}
output-file: ./sbom-${{ matrix.config.name }}.spdx.json

- name: Attach SBOM to release
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ matrix.config.tagName }}
files: ./sbom-${{ matrix.config.name }}.spdx.json

update-docs:
name: Update Documentation
needs:
- release-please
if: needs.release-please.outputs.klt-release-created == 'true'
with:
tag_name: ${{ needs.release-please.outputs.klt-tag-name }}
uses: keptn/docs-tooling/.github/workflows/[email protected]
secrets: inherit

update-examples:
name: Update examples
needs:
- release-please
if: needs.release-please.outputs.klt-release-created == 'true'
with:
tag_name: ${{ needs.release-please.outputs.klt-tag-name }}
uses: ./.github/workflows/release-examples.yml
secrets: inherit

0 comments on commit 00c0dbd

Please sign in to comment.