From 1daa8d603e55fc9bbd47cbe7e30d7f1facbcfabc Mon Sep 17 00:00:00 2001 From: Brett Logan Date: Fri, 23 Dec 2022 22:22:01 -0500 Subject: [PATCH] Update release workflow Signed-off-by: Brett Logan --- .github/workflows/cd.yml | 3 + .github/workflows/ci.yml | 3 + .github/workflows/release.yml | 139 ++++++++++++++++++++++++++++++++++ 3 files changed, 145 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 15fbe22d..f92a75a6 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -32,6 +32,9 @@ jobs: - name: Retrieve Datetime run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" + - name: Setup Docker BuildX + uses: docker/setup-buildx-action@v2.2.1 + - name: Login to Docker Hub uses: docker/login-action@v2.1.0 with: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0845f700..9eb6ae3a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,6 +28,9 @@ jobs: - name: Retrieve Datetime run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" + - name: Setup Docker BuildX + uses: docker/setup-buildx-action@v2.2.1 + - name: Build Image uses: docker/build-push-action@v3 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..8527ff52 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,139 @@ +--- +name: Release + +on: + release: + types: [published] + workflow_dispatch: + inputs: + release_version: + description: 'version to release. Ex: v4.3.2' + required: true + default: 'v' + +jobs: + release: + name: Release Images + runs-on: ubuntu-latest + permissions: + contents: read + deployments: write + issues: write + packages: write + strategy: + fail-fast: false + matrix: + images: + - prefix: slim- + environment: Release-SLIM + - prefix: "" + environment: Release + timeout-minutes: 60 + + steps: + - name: Setup Docker BuildX + uses: docker/setup-buildx-action@v2.2.1 + + - name: Login to DockerHub + uses: docker/login-action@v2.0.0 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Login to GHCR + uses: docker/login-action@v2.0.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Retrieve Current Release Version + # shellcheck disable=SC2062 + run: | + RELEASE_VERSION="${{ github.event.release.name }}" + + if [ -z "${RELEASE_VERSION}" ]; then + echo "No release version found in environment, using input..." + RELEASE_VERSION="${{ github.event.inputs.release_version }}" + fi + + # Check the RELEASE_VERSION again + if [ -z "${RELEASE_VERSION}" ]; then + echo "Error RELEASE_VERSION is empty. Exiting..." + exit 1 + fi + + if ! echo "${RELEASE_VERSION}" | grep -E -o "v[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+"; then + echo "Error: RELEASE_VERSION doesn't look like a semantic version: ${RELEASE_VERSION}" + exit 2 + fi + + { + echo "RELEASE_VERSION=${RELEASE_VERSION}" + echo "SEMVER_VERSION=${RELEASE_VERSION#v}" + echo "SEMVER_MAJOR_VERSION=${SEMVER_VERSION%%.*}" + echo "SEMVER_MAJOR_VERSION_WITH_PREFIX=v${SEMVER_MAJOR_VERSION}" + } >> "${GITHUB_ENV}" + + - name: Start ${{ matrix.images.environment }} Deployment + uses: bobheadxi/deployments@v1.3.0 + id: deployment + with: + step: start + token: ${{ secrets.GITHUB_TOKEN }} + env: ${{ matrix.images.environment }} + + # We don't rebuild the image to avoid that the latest tag and the release tags don't point to what the release tag is pointing to. + # Instead, we pull the latest image and tag it. + - name: Build and Push Images + uses: akhilerm/tag-push-action@v2.1.0 + with: + src: ghcr.io/github/super-linter:${{ matrix.images.prefix }}latest + dst: | + github/super-linter:${{ matrix.images.prefix }}v4 + github/super-linter:${{ matrix.images.prefix }}${{ env.RELEASE_VERSION }} + ghcr.io/github/super-linter:${{ matrix.images.prefix }}v4 + ghcr.io/github/super-linter:${{ matrix.images.prefix }}${{ env.RELEASE_VERSION }} + + - name: Checkout Code + uses: actions/checkout@v3 + with: + # Full git history is needed to get a proper list of commits and tags + fetch-depth: 0 + + # We use ^{} to recursively deference the tag to get the commit the tag is pointing at. + # Then, we use that reference to create new tags, so that the new tags point to the commit + # the original tag was pointing to, and not to the original tag. + # This notation is documented at https://git-scm.com/docs/gitrevisions#Documentation/gitrevisions.txt-emltrevgtemegemv0998em + - name: Update Major Version and Latest Git Tag + run: | + git tag --force "${SEMVER_MAJOR_VERSION_WITH_PREFIX}" "${RELEASE_VERSION}^{}" + git tag --force latest "${RELEASE_VERSION}^{}" + git push --force origin "refs/tags/${SEMVER_MAJOR_VERSION_WITH_PREFIX}" "refs/tags/latest" + + - name: Update ${{ matrix.images.environment }} Deployment + uses: bobheadxi/deployments@v1.3.0 + if: always() + with: + step: finish + token: ${{ secrets.GITHUB_TOKEN }} + status: ${{ job.status }} + deployment_id: ${{ steps.deployment.outputs.deployment_id }} + env: ${{ steps.deployment.outputs.env }} + env_url: https://github.com/github/super-linter/releases/tag/${{ env.RELEASE_VERSION }} + + - name: Create Issue on Failure + if: failure() + uses: actions/github-script@v6 + with: + github-token: ${{secrets.GITHUB_TOKEN}} + script: | + const create = await github.rest.issues.create({ + owner: context.repo.owner, + repo: context.repo.repo, + title: "Failed to deploy release to production", + body: "Automation has failed us! Failed to push release ${{ env.RELEASE_VERSION }}\nMore information can be found at:\n - ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" + assignees: [ + 'lindluni' + ] + })