bump dependencies to fix CVE alerts #21
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| jobs: | |
| docker_build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v2 | |
| - | |
| name: Docker meta | |
| id: docker_meta | |
| uses: crazy-max/ghaction-docker-meta@v1 | |
| with: | |
| images: quay.io/jetstack/cert-manager-google-cas-issuer | |
| tag-semver: | | |
| {{version}} | |
| {{major}}.{{minor}} | |
| - | |
| name: Set up QEMU | |
| uses: docker/setup-qemu-action@v1 | |
| - | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - | |
| name: Login to quay.io | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| - | |
| name: Build and push | |
| uses: docker/build-push-action@v2 | |
| if: ${{ !env.ACT }} | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| platforms: linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le | |
| push: true | |
| tags: ${{ steps.docker_meta.outputs.tags }} | |
| prepare_release: | |
| runs-on: ubuntu-latest | |
| container: golang:1.19 | |
| steps: | |
| - | |
| name: extract version | |
| id: extract_version | |
| run: /bin/bash -c 'echo ::set-output name=VERSION::$(echo ${GITHUB_REF##*/} | cut -c2-)' | |
| - | |
| name: install controller-gen | |
| run: go install sigs.k8s.io/controller-tools/cmd/[email protected] | |
| - | |
| name: checkout repository | |
| uses: actions/checkout@v2 | |
| - | |
| name: install helm | |
| shell: bash | |
| run: make depend | |
| - | |
| name: generate deployment manifests | |
| id: deploy | |
| shell: bash | |
| run: | | |
| ./bin/helm template deploy/charts/google-cas-issuer --set image.tag=${GITHUB_REF##*/} | tee google-cas-issuer-${GITHUB_REF##*/}.yaml | |
| - | |
| name: create release | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ github.ref }} | |
| release_name: Release ${{ github.ref }} | |
| draft: true | |
| prerelease: false | |
| body: | | |
| Docker images are available at `quay.io/jetstack/cert-manager-google-cas-issuer:${{ steps.extract_version.outputs.VERSION }}` | |
| One-line install: `kubectl apply -f https://github.com/jetstack/google-cas-issuer/releases/download/v${{ steps.extract_version.outputs.VERSION }}/google-cas-issuer-v${{ steps.extract_version.outputs.VERSION }}.yaml` | |
| - name: Upload Release Asset | |
| id: upload-release-asset | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps | |
| asset_path: ./google-cas-issuer-v${{ steps.extract_version.outputs.VERSION }}.yaml | |
| asset_name: google-cas-issuer-v${{ steps.extract_version.outputs.VERSION }}.yaml | |
| asset_content_type: application/x-yaml | |