-
Notifications
You must be signed in to change notification settings - Fork 21
125 lines (112 loc) · 3.36 KB
/
release_build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: Release Build
on:
push:
tags:
- 'v[0-9].[0-9]+.[0-9]+'
jobs:
validate:
runs-on: ubuntu-22.04
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- name: Setup go
uses: actions/setup-go@v5
with:
go-version: 1.22.2
- name: Lint
run: make lint
- name: Test
run: make test
build:
runs-on: ubuntu-22.04
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Install regctl
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
- name: Build image
run: make docker-build
- name: Export images
run: tar -czvf images.tar.gz *-image.tar
- name: Archive images
uses: actions/upload-artifact@v4
with:
name: images
path: images.tar.gz
integration-test:
runs-on: ubuntu-latest
needs: [build]
permissions:
contents: read
strategy:
fail-fast: false
matrix:
# Choose tags corresponding to the version of Kind being used.
# At a minimum, we should test the currently supported versions of
# Kubernetes, but can go back farther as long as we don't need heroics
# to pull it off (i.e. kubectl version juggling).
k8s-version:
- v1.29.1
- v1.28.6
- v1.27.10
- v1.26.13
- v1.25.16
- v1.24.17
- v1.23.17
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- name: Install regctl
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
- name: Download archived images
uses: actions/download-artifact@v4
with:
name: images
path: .
- name: Load archived images
run: |
tar xvf images.tar.gz
make load-images
- name: Run integration tests
run: K8S_VERSION=${{ matrix.k8s-version }} test/run.sh
publish:
runs-on: ubuntu-latest
needs: [validate, integration-test]
permissions:
contents: read
id-token: write
packages: write
env:
COSIGN_EXPERIMENTAL: 1
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- name: Install cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
with:
cosign-release: v2.2.3
- name: Install regctl
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
- name: Download archived images
uses: actions/download-artifact@v4
with:
name: images
path: .
- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push images
run: |
tar xvf images.tar.gz
./.github/workflows/scripts/push-images.sh "${GITHUB_REF#refs/tags/v}"