ci: fix go workflow succeeding even if a step fails (#5) #1
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (c) 2024 Hemi Labs, Inc. | |
# Use of this source code is governed by the MIT License, | |
# which can be found in the LICENSE file. | |
# GitHub Actions workflow to create releases. | |
# Releases are published from tags matching "v*.*.*". | |
name: "Release" | |
on: | |
push: | |
tags: [ "v*.*.*" ] | |
workflow_dispatch: | |
inputs: | |
version: | |
description: "Version" | |
type: string | |
required: true | |
docker: | |
description: "Build Docker images" | |
type: boolean | |
required: true | |
default: false | |
release: | |
description: "Create GitHub release and publish Docker images" | |
type: boolean | |
required: true | |
default: false | |
concurrency: | |
group: "release-${{ github.ref }}" | |
cancel-in-progress: true | |
env: | |
GO_VERSION: "1.22.x" | |
jobs: | |
# Run tests | |
test: | |
name: "Test" | |
uses: ./.github/workflows/go.yml | |
# Prepare to release | |
prepare: | |
name: "Prepare" | |
runs-on: "ubuntu-latest" | |
permissions: | |
contents: read | |
outputs: | |
version: "${{ steps.version.outputs.version }}" | |
tag: "${{ steps.version.outputs.tag }}" | |
version_type: "${{ steps.version.outputs.type }}" | |
steps: | |
- name: "Determine version type" | |
id: version | |
env: | |
RAW_VERSION: "${{ inputs.version || github.ref_name }}" | |
# This script determines the version type (stability), e.g. | |
# 1.0.0 = stable, 1.1.0-rc.1 = unstable, 0.1.0 = unstable | |
run: | | |
VERSION=$(echo "$RAW_VERSION" | sed -e 's/^v//') | |
TAG=$(echo "$RAW_VERSION" | sed -E 's/^([^v])/v\1/g') | |
echo "version=$VERSION" >> "$GITHUB_OUTPUT" | |
echo "tag=$TAG" >> "$GITHUB_OUTPUT" | |
TYPE=unstable | |
if echo "VERSION" | grep -Eq '^[1-9][0-9]*\.[0-9]+\.[0-9]+$'; then | |
TYPE=stable | |
fi | |
echo "Detected that $TAG is $TYPE" | |
echo "type=$TYPE" >> "$GITHUB_OUTPUT" | |
# Build binaries | |
build: | |
name: "Build (${{ matrix.goos }}/${{ matrix.goarch }})" | |
runs-on: "ubuntu-latest" | |
needs: [ "test", "prepare" ] | |
permissions: | |
contents: read | |
strategy: | |
fail-fast: true | |
matrix: | |
goos: [ "linux", "darwin" ] | |
goarch: [ "amd64", "arm64" ] | |
include: | |
- goos: "windows" | |
goarch: "amd64" | |
- goos: "openbsd" | |
goarch: "amd64" | |
steps: | |
- name: "Checkout repository" | |
uses: actions/checkout@v4 | |
- name: "Setup Go ${{ env.GO_VERSION }}" | |
uses: actions/setup-go@v5 | |
with: | |
go-version: "${{ env.GO_VERSION }}" | |
cache: true | |
check-latest: true | |
- name: "Download and verify dependencies" | |
run: make deps | |
- name: "Create binary archive for ${{ matrix.goos }}/${{ matrix.goarch }}" | |
env: | |
GOOS: "${{ matrix.goos }}" | |
GOARCH: "${{ matrix.goarch }}" | |
CGO_ENABLED: 0 # Disable CGO. | |
GOGC: off # Disable GC during build, faster but uses more RAM. | |
run: make archive | |
- name: "Upload artifacts" | |
uses: actions/upload-artifact@v4 | |
with: | |
name: "${{ matrix.goos }}_${{ matrix.goarch }}" | |
retention-days: 1 | |
path: | | |
dist/* | |
# Build and publish Docker images | |
docker: | |
name: "Docker (${{ matrix.service }})" | |
runs-on: "ubuntu-latest" | |
if: github.event_name == 'push' || inputs.docker | |
needs: [ "test", "prepare" ] | |
permissions: | |
contents: read | |
packages: write | |
strategy: | |
fail-fast: true | |
matrix: | |
include: | |
- service: "bfgd" | |
platforms: "linux/amd64,linux/arm64" | |
- service: "bssd" | |
platforms: "linux/amd64,linux/arm64" | |
- service: "popmd" | |
platforms: "linux/amd64,linux/arm64" | |
steps: | |
- name: "Checkout repository" | |
uses: actions/checkout@v4 | |
- name: "Setup QEMU" | |
uses: docker/setup-qemu-action@v3 | |
- name: "Setup Docker Buildx" | |
uses: docker/setup-buildx-action@v3 | |
- name: "Login to DockerHub" | |
if: github.event_name == 'push' || inputs.release | |
uses: docker/login-action@v3 | |
with: | |
username: "${{ secrets.DOCKERHUB_USERNAME }}" | |
password: "${{ secrets.DOCKERHUB_PASSWORD }}" | |
- name: "Login to GitHub Container Registry" | |
if: github.event_name == 'push' || inputs.release | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: "${{ github.repository_owner }}" | |
password: "${{ secrets.GITHUB_TOKEN }}" | |
- name: "Prepare" | |
id: "prepare" | |
run: | | |
echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "$GITHUB_OUTPUT" | |
- name: "Build and push" | |
uses: docker/build-push-action@v5 | |
with: | |
context: "${{ github.workspace }}" | |
platforms: "${{ matrix.platforms }}" | |
file: "${{ github.workspace }}/docker/${{ matrix.service }}/Dockerfile" | |
push: "${{ github.event_name == 'push' || inputs.release }}" | |
build-args: | | |
VERSION=${{ needs.prepare.outputs.version }} | |
VCS_REF=${{ github.sha }} | |
BUILD_DATE=${{ steps.prepare.outputs.build_date }} | |
tags: | | |
hemilabs/${{ matrix.service }}:latest | |
hemilabs/${{ matrix.service }}:${{ needs.prepare.outputs.tag }} | |
ghcr.io/hemilabs/${{ matrix.service }}:latest | |
ghcr.io/hemilabs/${{ matrix.service }}:${{ needs.prepare.outputs.tag }} | |
# Create GitHub Release | |
release: | |
name: "Release" | |
runs-on: "ubuntu-latest" | |
needs: [ "prepare", "build", "docker" ] | |
permissions: | |
# Permission to write contents is required to create GitHub releases. | |
# Builds are performed in a separate job with more restrictive permissions | |
# because this permission allows any action to write to the repository. | |
contents: write | |
steps: | |
- name: "Checkout repository" | |
uses: actions/checkout@v4 | |
- name: "Create sources archive" | |
run: make sources | |
- name: "Download build artifacts" | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: "*_*" | |
path: "${{ github.workspace }}/dist/" | |
merge-multiple: true | |
- name: "Create checksums" | |
run: make checksums | |
- name: "Create GitHub release" | |
if: github.event_name == 'push' || inputs.release | |
env: | |
TAG: "${{ github.ref_name || needs.prepare.outputs.tag }}" | |
PRERELEASE: "${{ needs.prepare.outputs.version_type == 'unstable' }}" | |
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
# Creates a GitHub release using the 'gh' CLI (https://github.com/cli/cli). | |
# Release notes will be generated by GitHub using the config at .github/release.yml. | |
run: | | |
gh release create "$TAG" ./dist/* --generate-notes --prerelease=$PRERELEASE |