Fix dif (#310) #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Candidate Publish and PR | |
| on: | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| group: tag-${{ github.ref }}-1 | |
| cancel-in-progress: true | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| env: | |
| # Common versions | |
| GO_VERSION: '1.23' | |
| DOCKER_BUILDX_VERSION: 'v0.9.1' | |
| # Common users. We can't run a step 'if secrets.XXX != ""' but we can run a | |
| # step 'if env.XXX' != ""', so we copy these to succinctly test whether | |
| # credentials have been provided before trying to run steps that need them. | |
| UPBOUND_MARKETPLACE_PUSH_ROBOT_USR: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR }} | |
| jobs: | |
| # Upon a merge to main, this job checks out main and updates package/crossplane.yaml | |
| # and README.md to point to the latest version (latest git commit SHA). This version | |
| # is then used to create and publish a new package to the Upbound marketplace. Finally, | |
| # using our updated branch an automated PR is opened against main with the version changes. | |
| release-candidate-publish-and-pr: | |
| # We don't want to run this on main upon merging the automated PR we are creating, | |
| # otherwise we would end up in an endless loop of automated PRs. | |
| if: > | |
| github.event_name == 'push' && | |
| github.ref == 'refs/heads/main' && | |
| !contains(github.event.head_commit.message, 'Set release candidate version') | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get Version | |
| run: | | |
| make submodules | |
| version=$(make common.buildvars | grep "^VERSION=" | cut -d '=' -f 2) | |
| echo "VERSION=$version" >> $GITHUB_ENV | |
| branch=candidate-$version | |
| echo "BRANCH=$branch" >> $GITHUB_ENV | |
| - name: Set git config | |
| run: | | |
| git config user.name "GitHub Actions" | |
| git config user.email "<>" | |
| - name: Create a new branch | |
| run: | | |
| git checkout -b $BRANCH | |
| - name: Update image tag | |
| run: /bin/bash ./hack/update-image-tag.sh $VERSION | |
| - name: Commit | |
| run: | | |
| git add . | |
| git commit -m "Set release candidate version [skip ci]: ${VERSION}" | |
| git push --set-upstream origin $BRANCH | |
| - name: Setup QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: all | |
| - name: Setup Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| version: ${{ env.DOCKER_BUILDX_VERSION }} | |
| install: true | |
| - name: Login to Upbound | |
| uses: docker/login-action@v3 | |
| if: env.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR != '' | |
| with: | |
| registry: xpkg.upbound.io | |
| username: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR }} | |
| password: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_PSW }} | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Vendor Dependencies | |
| run: make vendor vendor.check | |
| - name: Build Artifacts | |
| run: make -j2 build.all | |
| env: | |
| # We're using docker buildx, which doesn't actually load the images it | |
| # builds by default. Specifying --load does so. | |
| BUILD_ARGS: "--load" | |
| - name: Publish Artifacts to GitHub | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: output | |
| path: _output/** | |
| - name: Publish Artifacts | |
| if: env.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR != '' | |
| run: make publish BRANCH_NAME=${GITHUB_REF##*/} | |
| - name: Create a PR | |
| run: | | |
| gh pr create \ | |
| --base ${GITHUB_REF#refs/heads/} \ | |
| --head $BRANCH \ | |
| --title "Release Candidate: ${VERSION}" \ | |
| --body "This PR is created by GitHub Actions." | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |