-
Notifications
You must be signed in to change notification settings - Fork 902
138 lines (131 loc) · 6.11 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: Release
on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-rc.[0-9]+"
env:
GRADLE_OPTS: -Dorg.gradle.daemon=false -Xmx2g -Xms2g
CONTAINER_REGISTRY: us-docker.pkg.dev/spinnaker-community/docker
NODE_VERSION: 14.21.3
jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
- name: Get yarn cache
id: yarn-cache
run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
- uses: actions/cache@v3
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- uses: actions/setup-java@v3
with:
java-version: 11
distribution: 'zulu'
cache: 'gradle'
- name: Assemble release info
id: release_info
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
. .github/workflows/release_info.sh ${{ github.event.repository.full_name }}
echo CHANGELOG=$(echo -e "${CHANGELOG}") >> $GITHUB_OUTPUT
echo SKIP_RELEASE=${SKIP_RELEASE} >> $GITHUB_OUTPUT
echo IS_CANDIDATE=${IS_CANDIDATE} >> $GITHUB_OUTPUT
echo RELEASE_VERSION=${RELEASE_VERSION} >> $GITHUB_OUTPUT
- name: Prepare build variables
id: build_variables
run: |
echo REPO=${GITHUB_REPOSITORY##*/} >> $GITHUB_OUTPUT
echo VERSION="$(git rev-parse --short HEAD)-$(date --utc +'%Y%m%d%H%M')" >> $GITHUB_OUTPUT
- name: Release build
env:
ORG_GRADLE_PROJECT_version: ${{ steps.release_info.outputs.RELEASE_VERSION }}
ORG_GRADLE_PROJECT_nexusPublishEnabled: true
ORG_GRADLE_PROJECT_nexusUsername: ${{ secrets.NEXUS_USERNAME }}
ORG_GRADLE_PROJECT_nexusPassword: ${{ secrets.NEXUS_PASSWORD }}
ORG_GRADLE_PROJECT_nexusPgpSigningKey: ${{ secrets.NEXUS_PGP_SIGNING_KEY }}
ORG_GRADLE_PROJECT_nexusPgpSigningPassword: ${{ secrets.NEXUS_PGP_SIGNING_PASSWORD }}
run: |
./gradlew --info build
- name: Publish apt packages to Google Artifact Registry
env:
ORG_GRADLE_PROJECT_version: ${{ steps.release_info.outputs.RELEASE_VERSION }}
ORG_GRADLE_PROJECT_artifactRegistryPublishEnabled: true
GAR_JSON_KEY: ${{ secrets.GAR_JSON_KEY }}
run: |
./gradlew --info publishDebToArtifactRegistry
- name: Login to Google Cloud
# Only run this on repositories in the 'spinnaker' org, not on forks.
if: startsWith(github.repository, 'spinnaker/')
uses: 'google-github-actions/auth@v1'
# use service account flow defined at: https://github.com/google-github-actions/upload-cloud-storage#authenticating-via-service-account-key-json
with:
credentials_json: '${{ secrets.GAR_JSON_KEY }}'
- name: Upload halconfig profiles to GCS
# https://console.cloud.google.com/storage/browser/halconfig
# Only run this on repositories in the 'spinnaker' org, not on forks.
if: startsWith(github.repository, 'spinnaker/')
uses: 'google-github-actions/upload-cloud-storage@v1'
with:
path: 'halconfig/'
destination: 'halconfig/${{ steps.build_variables.outputs.REPO }}/${{ steps.release_info.outputs.RELEASE_VERSION }}'
parent: false
- name: Login to GAR
# Only run this on repositories in the 'spinnaker' org, not on forks.
if: startsWith(github.repository, 'spinnaker/')
uses: docker/login-action@v2
# use service account flow defined at: https://github.com/docker/login-action#service-account-based-authentication-1
with:
registry: us-docker.pkg.dev
username: _json_key
password: ${{ secrets.GAR_JSON_KEY }}
- name: Build and publish slim container image
# Only run this on repositories in the 'spinnaker' org, not on forks.
if: startsWith(github.repository, 'spinnaker/')
uses: docker/build-push-action@v4
with:
context: .
file: Dockerfile.slim
platforms: linux/amd64,linux/arm64
push: true
tags: |
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:${{ steps.release_info.outputs.RELEASE_VERSION }}-unvalidated"
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:${{ steps.release_info.outputs.RELEASE_VERSION }}-unvalidated-slim"
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:${{ steps.release_info.outputs.RELEASE_VERSION }}-${{ steps.build_variables.outputs.VERSION }}-unvalidated-slim"
- name: Build and publish ubuntu container image
# Only run this on repositories in the 'spinnaker' org, not on forks.
if: startsWith(github.repository, 'spinnaker/')
uses: docker/build-push-action@v4
with:
context: .
file: Dockerfile.ubuntu
platforms: linux/amd64,linux/arm64
push: true
tags: |
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:${{ steps.release_info.outputs.RELEASE_VERSION }}-unvalidated-ubuntu"
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:${{ steps.release_info.outputs.RELEASE_VERSION }}-${{ steps.build_variables.outputs.VERSION }}-unvalidated-ubuntu"
- name: Create release
if: steps.release_info.outputs.SKIP_RELEASE == 'false'
uses: softprops/action-gh-release@v1
with:
body: |
${{ steps.release_info.outputs.CHANGELOG }}
draft: false
name: ${{ github.event.repository.name }} ${{ github.ref_name }}
prerelease: ${{ steps.release_info.outputs.IS_CANDIDATE }}
tag_name: ${{ github.ref }}
token: ${{ secrets.GITHUB_TOKEN }}