-
Notifications
You must be signed in to change notification settings - Fork 103
154 lines (134 loc) · 5.44 KB
/
registry-publish-ghcr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
name: Build and Deploy OCI Image - GHCR
on:
push:
tags:
- 'v*'
env:
ORG: turbot
CR: ghcr.io
CR_PREFIX: turbot/steampipe/plugins
CONFIG_SCHEMA_VERSION: '2020-11-18'
ORAS_VERSION: 1.1.0
jobs:
build-deploy:
runs-on: ubuntu_8_core
permissions:
packages: write
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# Setup Env
- name: Set environment variables
run: |
plugin_name=$(echo $GITHUB_REPOSITORY | cut -d'-' -f 3)
echo $plugin_name
echo "PLUGIN_NAME=${plugin_name}" >> $GITHUB_ENV
# Exit early if we don't need to build
- name: Exit if goreleaser file is missing
run: |
test -f .goreleaser.yml
- name: Get latest version tag
run: |-
echo "VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Get latest trimmed version tag
run: |-
echo $VERSION
trim=${VERSION#"v"}
echo $trim
echo "VERSION=${trim}" >> $GITHUB_ENV
- name: Validate Version String is SemVer
run: |-
if [[ $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Version OK: $VERSION"
else
echo "Invalid version: $VERSION"
exit 1
fi
- name: Ensure Version Does Not Exist
run: |-
URL=https://$CR/v2/$CR_PREFIX/$ORG/$PLUGIN_NAME/tags/list
IDX=$(curl -L -H "Authorization: Bearer $(base64 <<< $GITHUB_TOKEN)" $URL | jq ".tags | index(\"$VERSION\")")
if [ $IDX == "null" ]; then
echo "OK - Version does not exist: $VERSION"
else
echo "Version already exists: $VERSION"
exit 1
fi
# Setup go & build
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.21
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
with:
version: latest
args: release --clean --skip=publish --timeout=60m
- name: List Build Artifacts
run: ls -laR ./dist
# Copy artifacts into working dir
- name: Copy artifacts to working dir
run: cp ./dist/*.gz .
# Create files for registry
- name: Create config file
run: |-
JSON_STRING=$( jq -n \
--arg name "$PLUGIN_NAME" \
--arg organization "$ORG" \
--arg version "$VERSION" \
--arg schemaVersion "$CONFIG_SCHEMA_VERSION" \
'{schemaVersion: $schemaVersion, plugin: { name: $name, organization: $organization, version: $version} }' )
echo $JSON_STRING > config.json
- name: Create annotations file
run: |-
JSON_STRING=$( jq -n \
--arg title "$PLUGIN_NAME" \
--arg desc "$ORG" \
--arg version "$VERSION" \
--arg timestamp "$(date +%FT%T%z | sed 's/\([0-9][0-9]\)\([0-9][0-9]\)$/\1:\2/')" \
--arg repo "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
--arg commit "$GITHUB_SHA" \
--arg vendor "Turbot HQ, Inc." \
'{
"$manifest": {
"org.opencontainers.image.title": $title,
"org.opencontainers.image.description": $desc,
"org.opencontainers.image.version": $version,
"org.opencontainers.image.created": $timestamp,
"org.opencontainers.image.source": $repo,
"org.opencontainers.image.revision": $commit,
"org.opencontainers.image.vendor": $vendor
}
}' )
echo $JSON_STRING > annotations.json
- run: cat annotations.json
- run: cat README.md
# Setup ORAS
- name: Install specific version of ORAS
run: |
curl -LO https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz
sudo tar xzf oras_${ORAS_VERSION}_linux_amd64.tar.gz -C /usr/local/bin oras
oras version
# Login to GHCR
- name: Log in to the Container registry
uses: docker/login-action@v2
with:
registry: ${{ env.CR }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
# Publish to GHCR
- name: Push to the container registry
run: |-
REF="$CR/$CR_PREFIX/$ORG/$PLUGIN_NAME:$VERSION"
oras push $REF \
--config config.json:application/vnd.turbot.steampipe.config.v1+json \
--annotation-file annotations.json \
steampipe-plugin-${PLUGIN_NAME}_darwin_amd64.gz:application/vnd.turbot.steampipe.plugin.darwin-amd64.layer.v1+gzip \
steampipe-plugin-${PLUGIN_NAME}_darwin_arm64.gz:application/vnd.turbot.steampipe.plugin.darwin-arm64.layer.v1+gzip \
steampipe-plugin-${PLUGIN_NAME}_linux_amd64.gz:application/vnd.turbot.steampipe.plugin.linux-amd64.layer.v1+gzip \
steampipe-plugin-${PLUGIN_NAME}_linux_arm64.gz:application/vnd.turbot.steampipe.plugin.linux-arm64.layer.v1+gzip \
docs:application/vnd.turbot.steampipe.plugin.docs.layer.v1+tar \
config:application/vnd.turbot.steampipe.plugin.spc.layer.v1+tar
oras tag $REF $GITHUB_RUN_ID