Skip to content

Merge pull request #40 from brett-hodges/main-docs-update #49

Merge pull request #40 from brett-hodges/main-docs-update

Merge pull request #40 from brett-hodges/main-docs-update #49

name: Release with Platform builds
on:
workflow_dispatch:
inputs:
skip_signing:
description: 'Skip code signing'
required: true
default: false
type: boolean
release_tag:
description: 'Release tag'
required: true
type: string
push:
tags:
- 'v*'
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
INIT_IMAGE_NAME: ${{ github.repository }}-init
permissions:
contents: write
pull-requests: write
packages: write
id-token: write
attestations: write
jobs:
build-macos:
runs-on: macos-latest
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
## install build dependencies for frontend generation
- name: Install Node.js
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version-file: './frontend/dev-mode/.nvmrc'
- name: Install pnpm
uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
with:
version: 8.0.0
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: 'go.mod'
- name: Import Apple Code Signing Certificates
if: ${{ github.event_name != 'workflow_dispatch' || !inputs.skip_signing }}
uses: Apple-Actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE_BASE64 }}
p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0
with:
version: latest
distribution: goreleaser
args: release --clean --snapshot --config ./.goreleaser.darwin.yaml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_DEVELOPER_ID: ${{ secrets.APPLICATION_IDENTITY}}
APPLE_ID: ${{ vars.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD}}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID}}
- name: Notarize the macOS binary
env:
APPLE_DEVELOPER_ID: ${{ secrets.APPLICATION_IDENTITY}}
APPLE_ID: ${{ vars.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD}}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID}}
shell: bash
run: |
./build/scripts/sign ./dist/kitops-darwin-arm64.zip
./build/scripts/sign ./dist/kitops-darwin-x86_64.zip
- name: Upload macOS artifacts
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
with:
name: dist-macos
if-no-files-found: error
retention-days: 7
path: |
./dist/*.zip
./dist/*.tar.gz
build-windows:
runs-on: windows-latest
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: 'go.mod'
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0
with:
version: latest
distribution: goreleaser
args: release --clean --snapshot --config ./.goreleaser.windows.yaml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Windows artifacts
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
with:
name: dist-windows
if-no-files-found: error
retention-days: 7
path: |
./dist/*.zip
build-linux:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: 'go.mod'
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0
with:
version: latest
distribution: goreleaser
args: release --clean --snapshot --config ./.goreleaser.linux.yaml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Linux artifacts
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
with:
name: dist-linux
if-no-files-found: error
retention-days: 7
path: |
./dist/*.tar.gz
# Creates a release using artifacts created in the previous steps.
# workflow_dispatch triggered versions will be draft releases.
# CLI docs are not updated for workflow_dispatch triggered versions.
release:
runs-on: ubuntu-latest
needs: [build-linux, build-macos, build-windows]
steps:
# checkout the current repository
- name: Checkout kitops
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
path: kitops
# Create the homebrew-file directory to store the
# homebrew artifacts
- name: Create homebrew-files dir
run: mkdir homebrew-files
# Copy the awk script and template to the homebrew-files dir.
# These will be used later to build the homebrew recipe file.
- name: Copy homebrew artifacts to homebrew-files dir
run: cp ./kitops/build/homebrew/*.* ./homebrew-files
- name: Merge build artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.3
with:
path: dist
pattern: dist-*
merge-multiple: true
- name: Create checksums
env:
TAG_NAME: ${{ inputs.release_tag || github.ref_name}}
#TAG_NAME: ${{ inputs.release_tag}}
run: |
shopt -s failglob
pushd dist
shasum -a 256 kitops-* > checksums.txt
mv checksums.txt kitops_${TAG_NAME}_checksums.txt
cp kitops_${TAG_NAME}_checksums.txt ../homebrew-files/.
popd
# upload the homebrew-files directory (and its contents)
# as an artifact to be used later when generating the
# homebrew recipe and pushing it to the repository:
# 'jozu-ai/homebrew-kitops'
- name: Upload homebrew-files as a build artifact
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
with:
name: homebrew-files
if-no-files-found: error
retention-days: 7
path: ./homebrew-files
- name: Create Release
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
TAG_NAME: ${{ inputs.release_tag || github.ref_name}}
REPO: ${{ github.repository }}
DRAFT_RELEASE: ${{ github.event_name == 'workflow_dispatch' }}
run: |
echo "Creating release for ${TAG_NAME}"
release_args=(
${TAG_NAME}
./dist/*.*
--title "Release ${TAG_NAME}"
--generate-notes
--repo ${REPO}
)
if [[ "${DRAFT_RELEASE}" == "false" ]]; then
previous_release="$(gh release list --repo $REPO --limit 1 --json tagName --jq '.[] | .tagName ')"
echo "Previous release: ${previous_release}"
release_args+=( --latest )
release_args+=( --verify-tag )
release_args+=( --notes-start-tag "${previous_release}" )
else
release_args+=( --draft )
fi
gh release create "${release_args[@]}"
- name: Generate CLI documentation
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
TAG_NAME: ${{ inputs.release_tag || github.ref_name}}
run: |
pushd kitops
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
PR_BRANCH="${{ github.ref_name }}-docs-update"
git fetch origin main
git branch "$PR_BRANCH"
git checkout "$PR_BRANCH"
git pull origin --ff-only "${PR_BRANCH}" || true
git config --global user.name "${GITHUB_ACTOR}"
git config --global user.email "${GITHUB_ACTOR_ID}+${GITHUB_ACTOR}@users.noreply.github.com"
(cd docs; npm pkg set version=$TAG_NAME)
./docs/src/docs/cli/generate.sh > /dev/null
git add --all
git commit -m "docs: update CLI documentation for ${{ github.ref_name }}"
git push origin "${PR_BRANCH}"
gh pr create --fill --base main --head "${PR_BRANCH}"
git checkout "${CURRENT_BRANCH}"
popd
# Generate and publish the homebrew recipe (kitops.rb) to the repository:
# 'jozu-ai/homebrew-kitops'
publish-homebrew-tap-formula:
runs-on: ubuntu-latest
needs: [release]
steps:
# checkout the homebrew-kitops repository (jozu-ai/homebrew-kitops)
- name: Checkout homebrew-kitops
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
###### CHANGE THIS TO jozu-ai/homebrew-kitops ######
repository: brett-hodges/homebrew-kitops
ref: 'main'
path: homebrew-kitops
token: ${{ secrets.MY_PAT }}
- name: Download the homebrew artifacts to build the homebrew recipe
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.3
with:
name: homebrew-files
path: homebrew-files
merge-multiple: true
- name: Create and save homebrew-metadata.txt
env:
TAG_NAME: ${{ inputs.release_tag}}
REPO: ${{ github.repository }}
run: |
shopt -s failglob
pushd homebrew-files
awk '
BEGIN { tag_name = ENVIRON["TAG_NAME"]; repo = ENVIRON["REPO"];}
/.tar.gz$/ {
print "\""$1"\"",
"\"https://github.com/" repo "/releases/download/" tag_name "/" $2 "\"",
$2,
tag_name }' kitops_${TAG_NAME}_checksums.txt |
awk '{ sub(/.tar.gz/, "", $3); print $1, $2, $3, $4 }' |
awk '{ sub(/kitops-/, "", $3); print $1, $2, $3, $4 }' |
awk '{sub(/v/, "", $4); print $1, $2, $3, $4 }' > homebrew-metadata.txt
popd
# uses the homebrew-metadata.txt file generated in the
# previous step to generate the homebrew formula (kitops.rb)
# for the homebrew tap (located at 'jozu-ai/homebrew-kitops')
- name: Create homebrew formula
run: |
pushd homebrew-files
awk -f create-homebrew-recipe.awk homebrew-metadata.txt
popd
# publish the homebrew recipe file to the homebrew tap
# located in the repository: 'jozu-ai/homebrew-kitops'
- name: Commit homebrew recipe to the homebrew tap
env:
GITHUB_TOKEN: ${{ secrets.MY_PAT }}
TAG_NAME: ${{ inputs.release_tag}}
##### CHANGE REPO TO jozu-ai/homebrew-kitops
REPO: "brett-hodges/homebrew-kitops"
run: |
cp -f ./homebrew-files/homebrew-metadata.txt ./homebrew-kitops/.
cp -f ./homebrew-files/kitops.rb ./homebrew-kitops/.
pushd homebrew-kitops
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
PR_BRANCH="${{ github.ref_name }}-homebrew-tap-update"
git fetch origin main
git branch "$PR_BRANCH"
git checkout "$PR_BRANCH"
git pull origin --ff-only "${PR_BRANCH}" || true
git config --global user.name "${GITHUB_ACTOR}"
git config --global user.email "${GITHUB_ACTOR_ID}+${GITHUB_ACTOR}@users.noreply.github.com"
git add --all
git commit -m "homebrew: update Homebrew Tap Formula for ${{ github.ref_name }}"
git push origin "${PR_BRANCH}"
gh pr create --fill --base main --head "${PR_BRANCH}"
git checkout "${CURRENT_BRANCH}"
popd
docker-image-build:
runs-on: ubuntu-latest
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
- name: Login to ghcr.io
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Build and push base Kit container
id: build-kit-container
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
platforms: linux/amd64,linux/arm64
push: true
context: build/dockerfiles
file: build/dockerfiles/release.Dockerfile
build-args: |
KIT_VERSION=${{ github.ref_name }}
tags: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
annotations: |
index:org.opencontainers.image.description=Official release Kit CLI container
index:org.opencontainers.image.source=https://github.com/jozu-ai/kitops
index:org.opencontainers.image.licenses=Apache-2.0
- name: Build and push Kit init container
id: build-kit-init-container
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
platforms: linux/amd64,linux/arm64
push: true
context: build/dockerfiles/init
file: build/dockerfiles/init/Dockerfile
build-args: |
KIT_BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-kit-container.outputs.digest }}
tags: |
${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }}:latest
${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }}:${{ github.ref_name }}
annotations: |
index:org.opencontainers.image.description=Kit CLI init container
index:org.opencontainers.image.source=https://github.com/jozu-ai/kitops
index:org.opencontainers.image.licenses=Apache-2.0
- name: Generate artifact attestation for base container
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.build-kit-container.outputs.digest }}
push-to-registry: true
- name: Generate artifact attestation for base container
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3
with:
subject-name: ${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }}
subject-digest: ${{ steps.build-kit-init-container.outputs.digest }}
push-to-registry: true