Release with Platform builds #32
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release with Platform builds | |
on: | |
workflow_dispatch: | |
inputs: | |
skip_signing: | |
description: 'Skip code signing' | |
required: true | |
default: false | |
type: boolean | |
release_tag: | |
description: 'Release tag' | |
required: true | |
type: string | |
push: | |
tags: | |
- 'v*' | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
INIT_IMAGE_NAME: ${{ github.repository }}-init | |
permissions: | |
contents: write | |
pull-requests: write | |
packages: write | |
id-token: write | |
attestations: write | |
jobs: | |
build-macos: | |
runs-on: macos-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
## install build dependencies for frontend generation | |
- name: Install Node.js | |
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version-file: './frontend/dev-mode/.nvmrc' | |
- name: Install pnpm | |
uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 | |
with: | |
version: 8.0.0 | |
- name: Setup Go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: 'go.mod' | |
- name: Import Apple Code Signing Certificates | |
if: ${{ github.event_name != 'workflow_dispatch' || !inputs.skip_signing }} | |
uses: Apple-Actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0 | |
with: | |
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE_BASE64 }} | |
p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0 | |
with: | |
version: latest | |
distribution: goreleaser | |
args: release --clean --snapshot --config ./.goreleaser.darwin.yaml | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
APPLE_DEVELOPER_ID: ${{ secrets.APPLICATION_IDENTITY}} | |
APPLE_ID: ${{ vars.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD}} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID}} | |
- name: Notarize the macOS binary | |
env: | |
APPLE_DEVELOPER_ID: ${{ secrets.APPLICATION_IDENTITY}} | |
APPLE_ID: ${{ vars.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD}} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID}} | |
shell: bash | |
run: | | |
./build/scripts/sign ./dist/kitops-darwin-arm64.zip | |
./build/scripts/sign ./dist/kitops-darwin-x86_64.zip | |
- name: Upload macOS artifacts | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 | |
with: | |
name: dist-macos | |
if-no-files-found: error | |
retention-days: 7 | |
path: | | |
./dist/*.zip | |
./dist/*.tar.gz | |
build-windows: | |
runs-on: windows-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: Setup Go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: 'go.mod' | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0 | |
with: | |
version: latest | |
distribution: goreleaser | |
args: release --clean --snapshot --config ./.goreleaser.windows.yaml | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload Windows artifacts | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 | |
with: | |
name: dist-windows | |
if-no-files-found: error | |
retention-days: 7 | |
path: | | |
./dist/*.zip | |
build-linux: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: Setup Go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: 'go.mod' | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0 | |
with: | |
version: latest | |
distribution: goreleaser | |
args: release --clean --snapshot --config ./.goreleaser.linux.yaml | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload Linux artifacts | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 | |
with: | |
name: dist-linux | |
if-no-files-found: error | |
retention-days: 7 | |
path: | | |
./dist/*.tar.gz | |
# Creates a release with the artifacts from the previous steps. | |
# workflow_dispatch triggered versions will be draft releases. | |
# CLI docs are not updated for workflow_dispatch triggered versions. | |
release: | |
runs-on: ubuntu-latest | |
needs: [build-linux, build-macos, build-windows] | |
steps: | |
# checkout the current repository | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
# checkout the homebrew-kitops repository (jozu-ai/homebrew-kitops) | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
###### CHANGE THIS TO jozu-ai/homebrew-kitops ###### | |
repository: brett-hodges/homebrew-kitops | |
token: ${{ secrets.GITHUB_TOKEN }} | |
path: homebrew-kitops | |
- name: List Directory | |
run: ls | |
- name: Merge built artifacts | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.3 | |
with: | |
path: dist | |
pattern: dist-* | |
merge-multiple: true | |
- name: Create Checksums | |
env: | |
TAG_NAME: ${{ github.ref_name}} | |
run: | | |
shopt -s failglob | |
pushd dist | |
shasum -a 256 kitops-* > checksums.txt | |
mv checksums.txt kitops_${TAG_NAME}_checksums.txt | |
popd | |
# uses the checksums created above to generate the homebrew recipe | |
# file needed for the homebrew tap 'jozu-ai/homebrew-kitops' | |
- name: Create Homebrew Formula | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ github.ref_name}} | |
REPO: ${{ github.repository }} | |
run: | | |
shopt -s failglob | |
pushd dist | |
awk ' | |
BEGIN { tag_name = ENVIRON["TAG_NAME"]; repo = ENVIRON["REPO"];} | |
/.tar.gz$/ { | |
print "\""$1"\"", | |
"\"https://github.com/" repo "/releases/download/" tag_name "/" $2 "\"", | |
$2, | |
tag_name }' kitops_${TAG_NAME}_checksums.txt | | |
awk '{ sub(/.tar.gz/, "", $3); print $1, $2, $3, $4 }' | | |
awk '{ sub(/kitops-/, "", $3); print $1, $2, $3, $4 }' | | |
awk '{sub(/v/, "", $4); print $1, $2, $3, $4 }' > homebrew-metadata.txt | |
mv homebrew-metadata.txt ../build/homebrew/homebrew-metadata.txt | |
popd | |
pushd build/homebrew | |
awk -f create-homebrew-recipe.awk homebrew-metadata.txt | |
cp kitops.rb ../../homebrew-kitops/. | |
popd | |
# Commit the Homebrew Formula to the current repo: jozu-ai/kitops | |
- name: Commit Homebrew Formula | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ github.ref_name}} | |
REPO: ${{ github.repository }} | |
run: | | |
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) | |
PR_BRANCH="${{ github.ref_name }}-homebrew-update" | |
git fetch origin main | |
git branch "$PR_BRANCH" | |
git checkout "$PR_BRANCH" | |
git pull origin --ff-only "${PR_BRANCH}" || true | |
git config --global user.name "${GITHUB_ACTOR}" | |
git config --global user.email "${GITHUB_ACTOR_ID}+${GITHUB_ACTOR}@users.noreply.github.com" | |
cd build/homebrew | |
git add --all | |
git commit -m "homebrew: update Homebrew Formula for ${{ github.ref_name }}" | |
git push origin "${PR_BRANCH}" | |
gh pr create --fill --base main --head "${PR_BRANCH}" | |
git checkout "${CURRENT_BRANCH}" | |
# Commit the Homebrew Formula to the repo: jozu-ai/homebrew-kitops | |
##### CHANGE REPO TO jozu-ai/homebrew-kitops | |
- name: Commit Homebrew Formula to Tap | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ github.ref_name}} | |
REPO: "brett-hodges/homebrew-kitops" | |
run: | | |
cd homebrew-kitops | |
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) | |
PR_BRANCH="${{ github.ref_name }}-homebrew-tap-update" | |
git fetch origin main | |
git branch "$PR_BRANCH" | |
git checkout "$PR_BRANCH" | |
git pull origin --ff-only "${PR_BRANCH}" || true | |
git config --global user.name "${GITHUB_ACTOR}" | |
git config --global user.email "${GITHUB_ACTOR_ID}+${GITHUB_ACTOR}@users.noreply.github.com" | |
git add --all | |
git commit -m "homebrew: update Homebrew Tap Formula for ${{ github.ref_name }}" | |
git push origin "${PR_BRANCH}" | |
gh pr create --fill --base main --head "${PR_BRANCH}" | |
git checkout "${CURRENT_BRANCH}" | |
- name: Create Release | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ inputs.release_tag || github.ref_name}} | |
REPO: ${{ github.repository }} | |
DRAFT_RELEASE: ${{ github.event_name == 'workflow_dispatch' }} | |
run: | | |
echo "Creating release for ${TAG_NAME}" | |
release_args=( | |
${TAG_NAME} | |
./dist/*.* | |
--title "Release ${TAG_NAME}" | |
--generate-notes | |
--repo ${REPO} | |
) | |
if [[ "${DRAFT_RELEASE}" == "false" ]]; then | |
previous_release="$(gh release list --repo $REPO --limit 1 --json tagName --jq '.[] | .tagName ')" | |
echo "Previous release: ${previous_release}" | |
release_args+=( --latest ) | |
release_args+=( --verify-tag ) | |
release_args+=( --notes-start-tag "${previous_release}" ) | |
else | |
release_args+=( --draft ) | |
fi | |
gh release create "${release_args[@]}" | |
- name: Generate CLI documentation | |
shell: bash | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ inputs.release_tag || github.ref_name}} | |
run: | | |
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) | |
PR_BRANCH="${{ github.ref_name }}-docs-update" | |
git fetch origin main | |
git branch "$PR_BRANCH" | |
git checkout "$PR_BRANCH" | |
git pull origin --ff-only "${PR_BRANCH}" || true | |
git config --global user.name "${GITHUB_ACTOR}" | |
git config --global user.email "${GITHUB_ACTOR_ID}+${GITHUB_ACTOR}@users.noreply.github.com" | |
(cd docs; npm pkg set version=$TAG_NAME) | |
./docs/src/docs/cli/generate.sh > /dev/null | |
git add --all | |
git commit -m "docs: update CLI documentation for ${{ github.ref_name }}" | |
git push origin "${PR_BRANCH}" | |
gh pr create --fill --base main --head "${PR_BRANCH}" | |
git checkout "${CURRENT_BRANCH}" | |
docker-image-build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 | |
- name: Login to ghcr.io | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: Build and push base Kit container | |
id: build-kit-container | |
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
context: build/dockerfiles | |
file: build/dockerfiles/release.Dockerfile | |
build-args: | | |
KIT_VERSION=${{ github.ref_name }} | |
tags: | | |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }} | |
annotations: | | |
index:org.opencontainers.image.description=Official release Kit CLI container | |
index:org.opencontainers.image.source=https://github.com/jozu-ai/kitops | |
index:org.opencontainers.image.licenses=Apache-2.0 | |
- name: Build and push Kit init container | |
id: build-kit-init-container | |
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
context: build/dockerfiles/init | |
file: build/dockerfiles/init/Dockerfile | |
build-args: | | |
KIT_BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-kit-container.outputs.digest }} | |
tags: | | |
${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }}:latest | |
${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }}:${{ github.ref_name }} | |
annotations: | | |
index:org.opencontainers.image.description=Kit CLI init container | |
index:org.opencontainers.image.source=https://github.com/jozu-ai/kitops | |
index:org.opencontainers.image.licenses=Apache-2.0 | |
- name: Generate artifact attestation for base container | |
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 | |
with: | |
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
subject-digest: ${{ steps.build-kit-container.outputs.digest }} | |
push-to-registry: true | |
- name: Generate artifact attestation for base container | |
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 | |
with: | |
subject-name: ${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }} | |
subject-digest: ${{ steps.build-kit-init-container.outputs.digest }} | |
push-to-registry: true |