Merge pull request #4659 from kubernetes-sigs/dependabot/go_modules/g… #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Create Release | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- 'CHANGELOG/*.md' | |
permissions: # added using https://github.com/step-security/secure-repo | |
contents: read | |
jobs: | |
push_release_tag: | |
permissions: | |
pull-requests: read # for tj-actions/changed-files | |
contents: write # for "Create Release Tag" step | |
runs-on: ubuntu-latest | |
outputs: | |
release_tag: ${{ steps.release-version.outputs.release_version }} | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 | |
with: | |
egress-policy: audit | |
- name: Checkout code | |
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # tag=v4.1.2 | |
with: | |
fetch-depth: 0 | |
- name: Get changed files | |
id: changed-markdown-files | |
uses: tj-actions/changed-files@77af4bed286740ef1a6387dc4e4e4dec39f96054 # tag=v43.0.0 | |
with: | |
files: CHANGELOG/**.md | |
- name: Get release version | |
id: release-version | |
run: | | |
if [[ ${{ steps.changed-markdown-files.outputs.all_changed_files_count }} != 1 ]]; then | |
echo "1 release notes file should be changed to create a release tag, found ${{ steps.changed-markdown-files.outputs.all_changed_files_count }}" | |
exit 1 | |
fi | |
for changed_file in ${{ steps.changed-markdown-files.outputs.all_changed_files }}; do | |
export RELEASE_VERSION=$(echo "${changed_file}" | grep -oP '(?<=/)[^/]+(?=\.md)') | |
echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV | |
echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_OUTPUT | |
if [[ "$RELEASE_VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?$ ]]; then | |
echo "Valid semver: $RELEASE_VERSION" | |
else | |
echo "Invalid semver: $RELEASE_VERSION" | |
exit 1 | |
fi | |
done | |
- name: Determine the release branch to use | |
run: | | |
if [[ $RELEASE_VERSION =~ beta ]] || [[ $RELEASE_VERSION =~ alpha ]]; then | |
export RELEASE_BRANCH=main | |
echo "RELEASE_BRANCH=$RELEASE_BRANCH" >> $GITHUB_ENV | |
echo "This is a beta or alpha release, will use release branch $RELEASE_BRANCH" | |
else | |
export RELEASE_BRANCH=release-$(echo $RELEASE_VERSION | sed -E 's/^v([0-9]+)\.([0-9]+)\..*$/\1.\2/') | |
echo "RELEASE_BRANCH=$RELEASE_BRANCH" >> $GITHUB_ENV | |
echo "This is not a beta or alpha release, will use release branch $RELEASE_BRANCH" | |
fi | |
- name: Create or checkout release branch | |
run: | | |
if git show-ref --verify --quiet "refs/remotes/origin/$RELEASE_BRANCH"; then | |
echo "Branch $RELEASE_BRANCH already exists" | |
git checkout "$RELEASE_BRANCH" | |
else | |
git checkout -b "$RELEASE_BRANCH" | |
git push origin "$RELEASE_BRANCH" | |
echo "Created branch $RELEASE_BRANCH" | |
fi | |
- name: Validate tag does not already exist | |
run: | | |
if [[ $(git tag -l $RELEASE_VERSION) ]]; then | |
echo "Tag $RELEASE_VERSION already exists, exiting" | |
exit 1 | |
fi | |
- name: Create Release Tag | |
run: | | |
git config user.name "${GITHUB_ACTOR}" | |
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" | |
git tag -a ${RELEASE_VERSION} -m ${RELEASE_VERSION} | |
git push origin ${RELEASE_VERSION} | |
echo "Created tag $RELEASE_VERSION" | |
release: | |
permissions: | |
contents: write # for softprops/action-gh-release to create GitHub release | |
name: create draft release | |
runs-on: ubuntu-latest | |
needs: push_release_tag | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 | |
with: | |
egress-policy: audit | |
- name: Set env | |
run: echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_ENV | |
env: | |
RELEASE_TAG: ${{needs.push_release_tag.outputs.release_tag}} | |
- name: checkout code | |
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # tag=v4.1.2 | |
with: | |
fetch-depth: 0 | |
ref: ${{ env.RELEASE_TAG }} | |
- name: Calculate go version | |
run: echo "go_version=$(make go-version)" >> $GITHUB_ENV | |
- name: Set up Go | |
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # tag=v5.0.0 | |
with: | |
go-version: ${{ env.go_version }} | |
- name: generate release artifacts | |
run: | | |
make release | |
- name: get release notes | |
run: | | |
curl -L "https://raw.githubusercontent.com/${{ github.repository }}/main/CHANGELOG/${{ env.RELEASE_TAG }}.md" \ | |
-o "${{ env.RELEASE_TAG }}.md" | |
- name: Release | |
uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # tag=v2.0.4 | |
with: | |
draft: true | |
files: out/* | |
body_path: ${{ env.RELEASE_TAG }}.md | |
tag_name: ${{ env.RELEASE_TAG }} |