Skip to content

erge branch 'master' into carl/winget #193

erge branch 'master' into carl/winget

erge branch 'master' into carl/winget #193

Workflow file for this run

name: Create Release & Upload Assets
on:
push:
# Sequence of patterns matched against refs/tags
tags:
- 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
jobs:
ci:
permissions:
actions: read
contents: read
security-events: write
uses: smallstep/cli/.github/workflows/ci.yml@master
secrets: inherit
create_release:
name: Create Release
needs: ci
runs-on: ubuntu-latest
env:
DOCKER_IMAGE: smallstep/step-cli
DEBIAN_TAG: bullseye
outputs:
version: ${{ steps.extract-tag.outputs.VERSION }}
vversion: ${{ steps.extract-tag.outputs.VVERSION }}
is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }}
docker_tags: ${{ env.DOCKER_TAGS }}
docker_tags_debian: ${{ env.DOCKER_TAGS_DEBIAN }}
steps:
- name: Is Pre-release
id: is_prerelease
run: |
set +e
echo ${{ github.ref }} | grep "\-rc.*"
OUT=$?
if [ $OUT -eq 0 ]; then IS_PRERELEASE=true; else IS_PRERELEASE=false; fi
echo "IS_PRERELEASE=${IS_PRERELEASE}" >> ${GITHUB_OUTPUT}
- name: Extract Tag Names
id: extract-tag
run: |
VVERSION=${GITHUB_REF#refs/tags/}
VERSION=${GITHUB_REF#refs/tags/v}
echo "VVERSION=${VVERSION}" >> ${GITHUB_OUTPUT}
echo "VERSION=${VERSION}" >> ${GITHUB_OUTPUT}
echo "DOCKER_TAGS=${{ env.DOCKER_IMAGE }}:${VERSION}" >> ${GITHUB_ENV}
echo "DOCKER_TAGS_DEBIAN=${{ env.DOCKER_IMAGE }}:${VERSION}-${DEBIAN_TAG}" >> ${GITHUB_ENV}
- name: Add Latest Tag
if: steps.is_prerelease.outputs.IS_PRERELEASE == 'false'
run: |
echo "DOCKER_TAGS=${{ env.DOCKER_TAGS }},${{ env.DOCKER_IMAGE }}:latest" >> ${GITHUB_ENV}
echo "DOCKER_TAGS_DEBIAN=${{ env.DOCKER_TAGS_DEBIAN }},${{ env.DOCKER_IMAGE }}:${DEBIAN_TAG}" >> ${GITHUB_ENV}
- name: Create Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: Release ${{ github.ref }}
draft: false
prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }}
goreleaser:
needs: create_release
permissions:
id-token: write
contents: write
uses: smallstep/workflows/.github/workflows/goreleaser.yml@main
secrets: inherit
build_upload_docker:
name: Build & Upload Docker Images
needs: create_release
permissions:
id-token: write
contents: write
uses: smallstep/workflows/.github/workflows/docker-buildx-push.yml@main
with:
platforms: linux/amd64,linux/386,linux/arm,linux/arm64
tags: ${{ needs.create_release.outputs.docker_tags }}
docker_image: smallstep/step-cli
docker_file: docker/Dockerfile
secrets: inherit
build_upload_docker_debian:
name: Build & Upload Docker Images using Debian
needs: create_release
permissions:
id-token: write
contents: write
uses: smallstep/workflows/.github/workflows/docker-buildx-push.yml@main
with:
platforms: linux/amd64,linux/386,linux/arm,linux/arm64
tags: ${{ needs.create_release.outputs.docker_tags_debian }}
docker_image: smallstep/step-cli
docker_file: docker/Dockerfile.debian
secrets: inherit
# All jobs below this are for full releases (non release candidates e.g. *-rc.*)
build_upload_aws_s3_binaries:
name: Build & Upload AWS S3 Binaries
runs-on: ubuntu-latest
needs: create_release
if: needs.create_release.outputs.is_prerelease == 'false'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: 'stable'
check-latest: true
- name: Build
id: build
run: |
PATH=$PATH:/usr/local/go/bin:/home/admin/go/bin
make -j1 binary-linux-amd64 binary-linux-arm64 binary-darwin-amd64 binary-windows-amd64
mkdir -p ./.releases
cp ./output/binary/linux-amd64/bin/step ./.releases/step_${{ needs.create_release.outputs.version }}_linux_amd64
cp ./output/binary/linux-amd64/bin/step ./.releases/step_latest_linux_amd64
cp ./output/binary/linux-arm64/bin/step ./.releases/step_${{ needs.create_release.outputs.version }}_linux_arm64
cp ./output/binary/linux-arm64/bin/step ./.releases/step_latest_linux_arm64
cp ./output/binary/darwin-amd64/bin/step ./.releases/step_${{ needs.create_release.outputs.version }}_darwin_amd64
cp ./output/binary/darwin-amd64/bin/step ./.releases/step_latest_darwin_amd64
cp ./output/binary/windows-amd64/bin/step ./.releases/step_${{ needs.create_release.outputs.version }}_windows.exe
cp ./output/binary/windows-amd64/bin/step ./.releases/step_latest_windows.exe
- name: Upload s3
id: upload-s3
uses: jakejarvis/[email protected]
with:
args: --acl public-read --follow-symlinks
env:
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: us-east-1
SOURCE_DIR: ./.releases
update_reference_docs:
name: Update Reference Docs
runs-on: ubuntu-latest
needs: create_release
if: needs.create_release.outputs.is_prerelease == 'false'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: 'stable'
check-latest: true
- name: Build
id: build
run: V=1 make build
- name: Checkout Docs
uses: actions/checkout@master
with:
repository: smallstep/docs
token: ${{ secrets.DOCS_PAT }}
path: './docs'
- name: Setup bot SSH signing key
uses: webfactory/[email protected]
env:
HAS_SSH_PRIVATE_KEY: ${{ secrets.STEP_TRAVIS_CI_GH_PRIVATE_SIGNING_KEY != '' }}
if: ${{ env.HAS_SSH_PRIVATE_KEY == 'true' }}
with:
ssh-private-key: |
${{ secrets.STEP_TRAVIS_CI_GH_PRIVATE_SIGNING_KEY }}
- name: Update Reference
id: update_reference
run: |
cd ./docs
git config user.email "[email protected]"
git config user.name "step-travis-ci"
# Configure GH commit signing key.
git config --global commit.gpgsign true
git config --global gpg.format ssh
git config --global user.signingkey "${{ secrets.STEP_TRAVIS_CI_GH_PUBLIC_SIGNING_KEY }}"
# Remove old docs
git rm -rf ./step-cli/reference
# Build fresh docs
./bin/step help --markdown ./step-cli/reference
# Generate new route manifest for the docs
find step-cli/reference -mindepth 2 -type f | jq -R -s '[
split("\n")[:-1][]
| {hideFromSidebar: true,
title: "",
path: ("/" + .)}
]' > $RUNNER_TEMP/reference-routes.json
# Replace old route manifest with new
jq --argfile newRoutes $RUNNER_TEMP/reference-routes.json 'walk(
if type == "object" and .isStepReference == true then
.routes = $newRoutes
else . end
)' < manifest.json > manifest.json.new
mv manifest.json.new manifest.json
git add . && git commit -a -m "step-cli ${{ needs.create_release.outputs.vversion }} reference update"
- name: Push changes
uses: ad-m/[email protected]
with:
github_token: ${{ secrets.DOCS_PAT }}
branch: 'main'
directory: './docs'
repository: 'smallstep/docs'