release #29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
workflow_dispatch: | |
inputs: | |
releaseTag: | |
description: releaseTag to set v1.2.3, v1.2.3-beta, etc. or auto version will be set | |
required: false | |
draftTag: | |
description: draftTag with the release notes. Can be found at the release page. E.g. untagged-777fe0c3b1edc8bd78f6 | |
required: true | |
makeLatestRelease: | |
type: boolean | |
description: github:latestRelease | |
required: true | |
preRelease: | |
type: boolean | |
description: artifacthub:preRelease | |
required: true | |
containsSecurityUpdates: | |
type: boolean | |
description: artifacthub:containsSecurityUpdates | |
required: true | |
swear: | |
description: I solemnly swear that the inputs are correct and I run the workflow from the correct branch! | |
type: choice | |
options: | |
- "yes" | |
- "yes, I do" | |
jobs: | |
release: | |
runs-on: ubuntu-latest | |
steps: | |
- name: log inputs | |
run: | | |
echo releaseTag=${{inputs.draftTag}} | |
echo draftTag=${{inputs.draftTag}} | |
echo makeLatestRelease=${{inputs.makeLatestRelease}} | |
echo preRelease=${{inputs.preRelease}} | |
echo containsSecurityUpdates=${{inputs.containsSecurityUpdates}} | |
echo swear=${{inputs.swear}} | |
- name: validate inputs | |
run: | | |
string=${{inputs.releaseTag}} | |
if [[ ${string:0:1} != "v" ]]; then | |
echo "The first character is not 'v'" | |
echo "Make sure that releaseTag has a form of 'v1.2.3'" | |
exit 2 | |
fi | |
string=${{inputs.draftTag}} | |
if [[ $string != untagged-* ]]; then | |
echo "draftTag does not start with 'untagged-'" | |
echo "Make sure to copy the id from a draft at https://github.com/weka/csi-wekafs/releases" | |
echo "It should have a form of 'untagged-286bdd99389b598e48c4'" | |
exit 2 | |
fi | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
token: ${{ secrets.PAT }} # https://github.com/stefanzweifel/git-auto-commit-action#push-to-protected-branches | |
fetch-depth: 0 | |
- run: gh release view ${{inputs.draftTag}} | |
env: | |
GH_TOKEN: ${{ secrets.BOTTY_GH_TOKEN }} | |
- name: Configure git | |
run: | | |
git config user.name "$GITHUB_ACTOR" | |
git config user.email "[email protected]" | |
- name: Get version | |
id: version | |
uses: codacy/[email protected] | |
with: | |
prefix: v | |
minor-identifier: /feat(ure)*:/ | |
major-identifier: /breaking:/ | |
- name: Set package version | |
id: set_version | |
env: | |
VERSION: ${{ steps.version.outputs.version }} | |
INPUT_VERSION: ${{ inputs.releaseTag }} | |
run: | | |
if [[ $INPUT_VERSION ]]; then | |
VERSION=$INPUT_VERSION | |
fi | |
VERSION=`echo $VERSION | sed "s|SNAPSHOT|$GITHUB_REF_NAME|"` | |
echo "version=$VERSION" >> $GITHUB_OUTPUT | |
VERSION_WITHOUT=`echo $VERSION | sed 's/^v//1'` | |
out="$(echo "${{ steps.auto_version.outputs.version }}" | sed 's/^v//1')" | |
cd charts/csi-wekafsplugin | |
yq -i '.version = "'$VERSION_WITHOUT'"' Chart.yaml | |
yq -i '.appVersion = "'$VERSION'"' Chart.yaml | |
yq -i '.csiDriverVersion = "'$VERSION_WITHOUT'"' values.yaml | |
yq -i '.sources[0] = "'https://github.com/weka/csi-wekafs/tree/$VERSION'"' Chart.yaml | |
yq -i '.annotations."artifacthub.io/prerelease" = "'${{ inputs.preRelease }}'"' Chart.yaml | |
yq -i '.annotations."artifacthub.io/containsSecurityUpdates" = "'${{ inputs.containsSecurityUpdates }}'"' Chart.yaml | |
echo ------------------ values ------------------ | |
cat values.yaml | |
echo --------------------chart ------------------ | |
cat Chart.yaml | |
- name: Update RELEASE.md | |
env: | |
VERSION: ${{ steps.set_version.outputs.version }} | |
GH_TOKEN: ${{ secrets.BOTTY_GH_TOKEN }} | |
run: | | |
gh release view ${{inputs.draftTag}} --json body | jq -r .body > changelog | |
sed '$d' changelog > changelog1 # delete last line | |
# insert release note at the beginning | |
# sed doesn't work well here | |
echo "# Release $VERSION" >> CHANGELOG.md | |
cat changelog1 >> CHANGELOG.md | |
cat RELEASE.md >> CHANGELOG.md | |
# release note will taken from here by helm/chart-releaser-action | |
cat changelog1 > charts/csi-wekafsplugin/CHANGELOG.md | |
mv CHANGELOG.md RELEASE.md | |
- uses: docker/setup-buildx-action@v3 | |
- uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
registry: quay.io | |
- name: Build and push | |
uses: docker/build-push-action@v6 | |
with: | |
push: true | |
pull: true | |
tags: quay.io/weka.io/csi-wekafs:${{ steps.set_version.outputs.version }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
labels: | | |
revision='${{ steps.set_version.outputs.version }}' | |
build-args: | | |
VERSION='${{ steps.set_version.outputs.version }}' | |
- name: helm-docs | |
uses: addnab/docker-run-action@v3 | |
with: | |
image: jnorwood/helm-docs:latest | |
options: -v ${{ github.workspace }}:/data | |
run: | | |
cd /data | |
helm-docs -s file -c charts -o ../../README.md -t ../README.md.gotmpl | |
helm-docs -s file -c charts | |
- run: gh release delete ${{inputs.draftTag}} --yes | |
env: | |
GH_TOKEN: ${{ secrets.BOTTY_GH_TOKEN }} | |
# https://github.com/stefanzweifel/git-auto-commit-action#push-to-protected-branches | |
- uses: stefanzweifel/git-auto-commit-action@v5 | |
with: | |
commit_message: Release ${{ steps.set_version.outputs.version }} | |
# https://colinwilson.uk/2022/01/27/how-to-sign-helm-charts-using-chart-releaser-action/ | |
- name: Prepare GPG key | |
run: | | |
gpg_dir=.cr-gpg | |
mkdir "$gpg_dir" | |
keyring="$gpg_dir/secring.gpg" | |
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" | |
passphrase_file="$gpg_dir/passphrase" | |
echo "$GPG_PASSPHRASE" > "$passphrase_file" | |
echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" | |
echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV" | |
env: | |
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" | |
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" | |
- uses: helm/[email protected] | |
env: | |
CR_TOKEN: "${{ secrets.BOTTY_GH_TOKEN }}" | |
CR_RELEASE_NAME_TEMPLATE: "v{{ .Version }}" | |
CR_GENERATE_RELEASE_NOTES: true | |
CR_MAKE_RELEASE_LATEST: ${{ inputs.makeLatestRelease }} | |
CR_RELEASE_NOTES_FILE: CHANGELOG.md | |
CR_SIGN: true | |
CR_KEY: "WEKA CSI" |