Skip to content

Merge pull request #25 from thisthat/go-mod-api #38

Merge pull request #25 from thisthat/go-mod-api

Merge pull request #25 from thisthat/go-mod-api #38

name: Run Release Please
on:
push:
branches:
- main
env:
# Default minimum version of Go to support.
DEFAULT_GO_VERSION: 1.19
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
GITHUB_PAGES_BRANCH: gh-pages
defaults:
run:
shell: bash
permissions:
contents: read
jobs:
release-please:
permissions:
contents: write # for google-github-actions/release-please-action to create release commit
pull-requests: write # for google-github-actions/release-please-action to create release PR
runs-on: ubuntu-22.04
# Release-please creates a PR that tracks all changes
steps:
- uses: google-github-actions/release-please-action@v3
id: release
with:
command: manifest
token: ${{secrets.GITHUB_TOKEN}}
default-branch: main
- name: prepare-release
id: prepare
env:
API_TAG: ${{ steps.release.outputs.apis--tag_name }}
OP_TAG: ${{ steps.release.outputs.operator--tag_name }}
run: |
release_apis=true
release_operator=true
if [ -z "${API_TAG}" ]
then
release_apis=false
fi
if [ -z "${OP_TAG}" ]
then
release_operator=false
fi
echo "apis=${release_apis}" >> "$GITHUB_OUTPUT"
echo "operator=${release_operator}" >> "$GITHUB_OUTPUT"
- name: Debug
env:
INFO: ${{ toJSON(steps.release.outputs) }}
run: |
echo "Path released: ${{ steps.release.outputs.paths_released }}"
echo "Tag name APIs: ${{ steps.release.outputs.apis--tag_name }}"
echo "Outputs: ${INFO}"
echo "Output API: ${{ steps.prepare.outputs.apis }}"
echo "Output Operator: ${{ steps.prepare.outputs.operator }}"
outputs:
release_operator: ${{ steps.prepare.outputs.operator }}
release_apis: ${{ steps.prepare.outputs.apis }}
release_created: ${{ steps.release.outputs.release_created }}
release_tag_name: ${{ steps.release.outputs.tag_name }}
build-oci:
permissions:
packages: write # to push the container image
needs: release-please
runs-on: ubuntu-22.04
if: ${{ needs.release-please.outputs.release_created }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ needs.release-please.outputs.release_tag_name }}
- name: Log in to the Container registry
uses: docker/login-action@a9794064588be971151ec5e7144cb535bcb56e36
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@35e9aff4f5d665b5aa8a8f2adffaf8a1b5f49cc0
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Set up QEMU
uses: docker/setup-qemu-action@master
with:
platforms: all
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Build
uses: docker/build-push-action@v4
with:
builder: ${{ steps.buildx.outputs.name }}
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:main
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.release-please.outputs.release_tag_name }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=${{ github.ref_name }}-ofo
cache-to: type=gha,scope=${{ github.ref_name }}-ofo
- name: Install cosign
uses: sigstore/cosign-installer@main
with:
cosign-release: 'v1.13.0'
- name: Sign release image
run: |
cosign sign --key env://COSIGN_PRIVATE_KEY ghcr.io/open-feature/open-feature-operator:${{ needs.release-please.outputs.release_tag_name }}
# Displays the public key to share.
cosign public-key --key env://COSIGN_PRIVATE_KEY > ./cosign.pub
env:
COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
if: ${{ env.DRY_RUN != 'true' }}
release-assets:
permissions:
contents: write # for softprops/action-gh-release to create GitHub release
needs: release-please
runs-on: ubuntu-22.04
if: ${{ needs.release-please.outputs.release_created }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ needs.release-please.outputs.release_tag_name }}
- name: Setup go
uses: actions/setup-go@v4
with:
go-version: ${{ env.DEFAULT_GO_VERSION }}
- run: |
go mod tidy
make controller-gen
IMG=ghcr.io/open-feature/open-feature-operator:${{ needs.release-please.outputs.release_tag_name }} make helm-package
IMG=ghcr.io/open-feature/open-feature-operator:${{ needs.release-please.outputs.release_tag_name }} make release-manifests
- uses: anchore/sbom-action@v0
with:
output-file: ./open-feature-operator-sbom.spdx.json
- name: Release
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ needs.release-please.outputs.release_tag_name }}
files: |
config/rendered/release.yaml
config/samples/end-to-end.yaml
open-feature-operator-sbom.spdx.json
release-charts:
needs: release-please
permissions:
contents: write
runs-on: ubuntu-22.04
if: ${{ needs.release-please.outputs.release_created }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ env.GITHUB_PAGES_BRANCH }}
- name: Setup go
uses: actions/setup-go@v4
with:
go-version: ${{ env.DEFAULT_GO_VERSION }}
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Merge release to gh-pages
run: git merge ${{ needs.release-please.outputs.release_tag_name }}
- name: Generate helm charts
run: IMG=ghcr.io/open-feature/open-feature-operator:${{ needs.release-please.outputs.release_tag_name }} make helm-package
- name: Commit files
run: |
git add charts/
git add index.yaml
git commit -s -m "chore: released charts ${{ needs.release-please.outputs.release_tag_name }}"
- name: Push changes
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: ${{ env.GITHUB_PAGES_BRANCH }}