Skip to content

push-tag-release

push-tag-release #4

name: push-tag-release
on:
# This is _ONLY_ for manually creating an image
# for a tag that already exists. You would do this if
# for some reason CD fails, and you need to try to
# manually rebuild and publish the image.
workflow_dispatch:
inputs:
tag:
description: "Tag to build and publish"
required: true
type: string
# This trigger is called from "push-main", and is _ONLY_ for
# creating docker images for newly tagged releases.
workflow_call:
inputs:
tag:
required: true
type: string
# This trigger is _ONLY_ for helm chart publishing and deployment.
# See jobs ci-lint-charts, cicd-build-publish-charts, cd-deploy-testnet
push:
tags:
# Root tag versions (e.g. v1.0.0) to kick off the helm chart publish and deploy.
- "v*.*.*"
jobs:
check-tags:
name: Parse and validate ${{ inputs.tag || github.ref_name }} tag
runs-on: ubuntu-latest
outputs:
tag-name: ${{ steps.tag-parse.outputs.name }}
tag-version: ${{ steps.tag-parse.outputs.version }}
release: ${{ steps.tag-parse.outputs.release }}
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
ref: ${{ inputs.tag }} # This will evaluate to "" in the case of a tag push
# which is what we want. Since the tag will exist on the default branch.
# - name: Fail if git tag is not from allowed branches
# if: startsWith(github.ref, 'refs/tags/')
# uses: smartcontractkit/.github/actions/guard-tag-from-branch@main
# with:
# tag: ${{ github.ref_name }}
# branch-regex: '^(main|release\/.*)'
- name: Validate and Parse Tag
id: tag-parse
uses: smartcontractkit/.github/actions/check-git-tag-for-monorepo@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # [email protected]
with:
tag-ref: ${{ inputs.tag || github.ref_name }}
cicd-build-publish-artifacts-release:
name: Publish ${{ needs.check-tags.outputs.tag-name }}:${{ needs.check-tags.outputs.tag-version }} Image
runs-on: ubuntu-latest
needs: [check-tags]
if: needs.check-tags.outputs.release == 'true'
permissions:
id-token: write
contents: write
actions: read
steps:
- name: cicd-build-publish-artifacts-release
uses: smartcontractkit/.github/actions/cicd-build-publish-artifacts-go@25645c21796ebb5554693fcc0d312dc88330fbe0 # [email protected]
with:
# general inputs
app-name: chainlink-feeds-${{ needs.check-tags.outputs.tag-name }}
publish: "true"
# if ref is empty do to a tag push, it will be an empty string that will checkout the HEAD
checkout-ref: ${{ inputs.tag }}
# grafana inputs
metrics-job-name: cicd-build-publish-artifacts-release
gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }}
gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }}
# aws inputs
aws-region: ${{ secrets.AWS_REGION }}
aws-role-arn: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN }}
aws-account-number: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}
# gati inputs
use-gati: "true"
aws-role-arn-gati: ${{ secrets.AWS_OIDC_CHAINLINK_FEEDS_CI_CHANGESET_TOKEN_ISSUER_ROLE_ARN }}
aws-lambda-url-gati: ${{ secrets.AWS_LAMBDA_URL_GATI }}
# golang inputs
go-version-file: go.work
# goreleaser inputs
goreleaser-args: "--config ./${{ needs.check-tags.outputs.tag-name }}/.goreleaser.ci.yaml"
goreleaser-dist: goreleaser-pro
goreleaser-key: ${{ secrets.GORELEASER_KEY }}
# zig inputs
use-zig: "true"
zig-version: "0.11.0"
# docker inputs
docker-registry: aws
docker-image-tag: devel