-
Notifications
You must be signed in to change notification settings - Fork 116
107 lines (91 loc) · 4.11 KB
/
automated-release-workflow.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
name: Automated Release Workflow
on:
workflow_dispatch:
inputs:
release_version:
description: 'Version of Splunk Operator Release'
required: true
operator_image_tag:
description: 'Tag for Splunk Operator Image'
required: true
enterprise_version:
description: 'Enterprise Image Version. Should match with Tag on Splunk Enterprise Docker Repo'
required: true
jobs:
automated-release:
name: Automated Release Workflow
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
if: github.ref == 'refs/heads/main'
steps:
- name: Set up cosign
uses: sigstore/cosign-installer@main
- name: Checkout code
uses: actions/checkout@v2
- name: Deep Fetch
run: |
git fetch --prune --unshallow
- name: Dotenv Action
id: dotenv
uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
- name: Setup Go
uses: actions/setup-go@v2
with:
go-version: ${{ steps.dotenv.outputs.GO_VERSION }}
- name: Set up Docker Buildx
uses: docker/[email protected]
- name: Configure Docker Credentials
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PUSH_TOKEN}}
- name: Install Operator SDK
run: |
export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac)
export OS=$(uname | awk '{print tolower($0)}')
export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}
sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH}
sudo chmod +x operator-sdk_${OS}_${ARCH}
sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk
- name: Generate Release Artifacts
run: |
make generate-artifacts IMG=splunk/splunk-operator:${{ github.event.inputs.release_version }} VERSION=${{ github.event.inputs.release_version }} SPLUNK_ENTERPRISE_IMAGE=splunk/splunk:${{ github.event.inputs.enterprise_version }}
- name: Upload Release Artifacts
uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2
with:
name: "release-artifacts-${{ github.event.inputs.release_version }}"
path: "release-**"
- name: Generate Release Notes
run: |
a=`cat docs/ChangeLog.md | grep -n -m2 "^##" | awk -F":" '{print $1}' | tail -1`
a=`expr $a - 1`
sed -n "4,${a}p" docs/ChangeLog.md >> docs/ReleaseNotes.md >> docs/ReleaseNotes.md
- name: Create Release
uses: ncipollo/release-action@40bb172bd05f266cf9ba4ff965cb61e9ee5f6d01
with:
artifacts: "release-${{ github.event.inputs.release_version }}/splunk-operator-cluster.yaml,release-${{ github.event.inputs.release_version }}/splunk-operator-namespace.yaml"
bodyFile: "docs/ReleaseNotes.md"
tag: "${{ github.event.inputs.release_version }}"
draft: true
- name: Pull RC Splunk Operator Image
run: |
docker pull splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-RC
- name: Promote RC Image to Release
run: |
docker tag splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-RC splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
- name: Push Release Image
run: |
docker push splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
- name: Sign Splunk Operator image with a key
run: |
cosign sign --yes --key env://COSIGN_PRIVATE_KEY splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
env:
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
- name: Verify Splunk Operator image with a key
run: |
cosign verify --key env://COSIGN_PUBLIC_KEY splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
env:
COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}