-
Notifications
You must be signed in to change notification settings - Fork 4
132 lines (113 loc) · 3.61 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Release Pipeline
on:
push:
tags:
- "v*.*.*"
jobs:
openapi:
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Generate Swagger UI
uses: Legion2/swagger-ui-action@v1
with:
output: swagger-ui
spec-file: pkg/docs/swagger.json
- name: Deploy
uses: peaceiris/actions-gh-pages@v4
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_branch: swagger-ui-pages # default: gh-pages
publish_dir: swagger-ui
goreleaser:
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
packages: write
env:
KO_DOCKER_REPO: "ghcr.io/${{ github.repository_owner }}"
KO_DATA_PATH: "/usr/share/doc/${{ github.repository }}/"
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Unshallow
run: git fetch --prune --unshallow
- name: Install tools
run: make install-ci-tools
- name: Install cosign
uses: sigstore/[email protected]
- name: Setup ko
uses: ko-build/[email protected]
# - name: Install Crane
# uses: imjasonh/[email protected]
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: 1.22.x
cache: true
- name: Licenses
run: make licenses
- name: Login to ghcr.io
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ github.token }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v4
id: run-goreleaser
with:
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# - name: sign image
# run: |
# digest=$(crane digest ghcr.io/${{ github.repository }}:${{ github.sha }})
# cosign sign --yes --force "ghcr.io/${{ github.repository }}@${digest}"
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
helm:
# depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions
# see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install tools
run: make install-ci-tools
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: 1.22.x
cache: true
- name: Generate helm docs
run: make generate
- name: Install Helm
uses: azure/setup-helm@v4
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Packaging
run: |
VERSION=${{github.ref_name}}
rm -rf .cr-release-packages
mkdir -p .cr-release-packages
helm package deploy/charts/auth0-exporter --app-version=${VERSION:1} --version=${VERSION:1} --destination=.cr-release-packages
- name: Run chart-releaser
uses: helm/[email protected]
with:
skip_packaging: true
mark_as_latest: false
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"