-
Notifications
You must be signed in to change notification settings - Fork 75
278 lines (253 loc) · 12.8 KB
/
create-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
name: Release Extension (v2)
on:
repository_dispatch:
types: [liquibase-release]
workflow_dispatch:
inputs:
liquibaseVersion:
description: "Liquibase Version"
required: true
extensionVersion:
description: "Container Version (Defaults to Liquibase Version)"
required: false
dryRun:
description: "Dry Run release"
required: true
type: boolean
default: false
jobs:
update-dockerfiles:
env:
LPM_VERSION: "0.2.8"
name: "Update Dockerfiles"
runs-on: ubuntu-latest
outputs:
liquibaseVersion: ${{ steps.collect-data.outputs.liquibaseVersion }}
extensionVersion: ${{ steps.collect-data.outputs.extensionVersion }}
dryRun: ${{ steps.collect-data.outputs.dryRun }}
minorVersion: ${{ steps.collect-data.outputs.minorVersion }}
latestCommitSha: ${{ steps.get-latest-sha.outputs.latestCommitSha }}
steps:
- name: Collect Data
id: collect-data
uses: actions/github-script@v7
with:
script: |
const getMinorVersion = (liquibaseVersion) => {
const arr = liquibaseVersion.split(".")
return `${arr[0]}.${arr[1]}`
}
if (context.payload.client_payload) {
const liquibaseVersion = context.payload.client_payload.liquibaseVersion
const dryRun = context.payload.client_payload.dryRun || false
const minorVersion = getMinorVersion(liquibaseVersion)
core.setOutput("liquibaseVersion", liquibaseVersion);
core.setOutput("extensionVersion", liquibaseVersion);
core.setOutput("minorVersion", minorVersion);
core.setOutput("dryRun", dryRun);
} else if (context.payload.inputs) {
const liquibaseVersion = context.payload.inputs.liquibaseVersion
const dryRun = context.payload.inputs.dryRun || false
const minorVersion = getMinorVersion(liquibaseVersion)
core.setOutput("liquibaseVersion", liquibaseVersion);
core.setOutput("extensionVersion", context.payload.inputs.extensionVersion || liquibaseVersion);
core.setOutput("minorVersion", minorVersion);
core.setOutput("dryRun", dryRun);
} else {
core.setFailed('Unknown event type')
}
- run: |
echo "Saw Liquibase version ${{ steps.collect-data.outputs.liquibaseVersion }}"
echo "Saw Extension version ${{ steps.collect-data.outputs.extensionVersion }}"
echo "Saw dryRun ${{ steps.collect-data.outputs.dryRun }}"
- uses: actions/checkout@v4
with:
persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token
ref: ${{ github.ref }}
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: "8"
distribution: "adopt"
- name: Configure git user
run: |
git config user.name "liquibot"
git config user.email "[email protected]"
- name: Update Dockerfile and commit changes
run: |
file_list=("Dockerfile" "Dockerfile.alpine")
LIQUIBASE_SHA=`curl -LsS https://github.com/liquibase/liquibase/releases/download/v${{ steps.collect-data.outputs.liquibaseVersion }}/liquibase-${{ steps.collect-data.outputs.liquibaseVersion }}.tar.gz | sha256sum | awk '{ print $1 }'`
LPM_SHA=`curl -LsS https://github.com/liquibase/liquibase-package-manager/releases/download/v${{ env.LPM_VERSION }}/lpm-${{ env.LPM_VERSION }}-linux.zip | sha256sum | awk '{ print $1 }'`
LPM_SHA_ARM=`curl -LsS https://github.com/liquibase/liquibase-package-manager/releases/download/v${{ env.LPM_VERSION }}/lpm-${{ env.LPM_VERSION }}-linux-arm64.zip | sha256sum | awk '{ print $1 }'`
for file in "${file_list[@]}"; do
sed -i 's/^ARG LIQUIBASE_VERSION=.*/ARG LIQUIBASE_VERSION='"${{ steps.collect-data.outputs.liquibaseVersion }}"'/' "${{ github.workspace }}/${file}"
sed -i 's/^ARG LB_SHA256=.*/ARG LB_SHA256='"$LIQUIBASE_SHA"'/' "${{ github.workspace }}/${file}"
sed -i 's/^ARG LPM_SHA256=.*/ARG LPM_SHA256='"$LPM_SHA"'/' "${{ github.workspace }}/${file}"
#sed -i 's/^ARG LPM_SHA256_ARM=.*/ARG LPM_SHA256_ARM='"$LPM_SHA_ARM"'/' "${{ github.workspace }}/${file}"
git add "${file}"
done
if git diff-index --cached --quiet HEAD --
then
echo "Nothing new to commit"
else
git commit -m "Liquibase Version Bumped to ${{ steps.collect-data.outputs.extensionVersion }}"
if [[ "${{ steps.collect-data.outputs.dryRun }}" == false ]]; then
git tag -fa -m "Version Bumped to ${{ steps.collect-data.outputs.extensionVersion }}" v${{ steps.collect-data.outputs.extensionVersion }}
git push -f "https://liquibot:[email protected]/$GITHUB_REPOSITORY.git" HEAD:${{ github.ref }} --follow-tags --tags
else
echo "Dry run mode: changes have not been pushed."
fi
fi
env:
GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
- name: Get latest commit SHA
id: get-latest-sha
run: echo "latestCommitSha=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"
setup-update-draft-build:
name: "${{ matrix.image.name }}:${{ inputs.liquibaseVersion}}${{ matrix.image.suffix }}"
needs: update-dockerfiles
runs-on: ubuntu-latest
strategy:
matrix:
image: [
{dockerfile: Dockerfile, name: liquibase/liquibase, suffix: "", latest_tag: "latest"},
{dockerfile: Dockerfile.alpine, name: liquibase/liquibase, suffix: "-alpine", latest_tag: "alpine"},
]
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token
ref: ${{ github.ref }}
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: "8"
distribution: "adopt"
- name: Release Notes
if: ${{ needs.update-dockerfiles.outputs.dryRun == 'false' }}
uses: softprops/action-gh-release@v2
with:
name: v${{ needs.update-dockerfiles.outputs.extensionVersion}}
tag_name: v${{ needs.update-dockerfiles.outputs.extensionVersion }}
draft: true
body: Support for Liquibase ${{ needs.update-dockerfiles.outputs.liquibaseVersion }}.
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
if: ${{ needs.update-dockerfiles.outputs.dryRun == 'false' }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to ECR Registry
if: ${{ needs.update-dockerfiles.outputs.dryRun == 'false' }}
uses: docker/login-action@v3
env:
AWS_REGION: us-east-1
with:
registry: public.ecr.aws
username: ${{ secrets.PUBLIC_ECR_ACCESS_KEY_ID }}
password: ${{ secrets.PUBLIC_ECR_SECRET_ACCESS_KEY }}
- name: Login to ECR Private Registry (dry-run)
if: ${{ needs.update-dockerfiles.outputs.dryRun == 'true' }}
uses: docker/login-action@v3
env:
AWS_REGION: us-east-1
with:
registry: ${{ secrets.PRIVATE_ECR_DRY_RUN_REPO }}
username: ${{ secrets.PUBLIC_ECR_ACCESS_KEY_ID }}
password: ${{ secrets.PUBLIC_ECR_SECRET_ACCESS_KEY }}
- name: Build and Push Docker Image
if: ${{ needs.update-dockerfiles.outputs.dryRun == 'false' }}
env:
ECR_REGISTRY: public.ecr.aws/liquibase/liquibase
uses: docker/build-push-action@v6
with:
context: .
file: ${{ matrix.image.dockerfile }}
no-cache: true
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ matrix.image.name }}:${{ matrix.image.latest_tag }},${{ matrix.image.name }}:${{ needs.update-dockerfiles.outputs.extensionVersion }}${{ matrix.image.suffix }},${{ matrix.image.name }}:${{ needs.update-dockerfiles.outputs.minorVersion }}${{ matrix.image.suffix }},${{ env.ECR_REGISTRY }}:${{ matrix.image.latest_tag }},${{ env.ECR_REGISTRY }}:${{ needs.update-dockerfiles.outputs.extensionVersion }}${{ matrix.image.suffix }},${{ env.ECR_REGISTRY }}:${{ needs.update-dockerfiles.outputs.minorVersion }}${{ matrix.image.suffix }}
- name: Build and Push Docker Image (dry-run)
if: ${{ needs.update-dockerfiles.outputs.dryRun == 'true' }}
env:
ECR_REGISTRY: ${{ secrets.PRIVATE_ECR_DRY_RUN_REPO }}
uses: docker/build-push-action@v6
with:
context: .
file: ${{ matrix.image.dockerfile }}
no-cache: true
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ env.ECR_REGISTRY }}:${{ matrix.image.latest_tag }},${{ env.ECR_REGISTRY }}:${{ needs.update-dockerfiles.outputs.extensionVersion }}${{ matrix.image.suffix }},${{ env.ECR_REGISTRY }}:${{ needs.update-dockerfiles.outputs.minorVersion }}${{ matrix.image.suffix }}
update-official-repo:
name: "Update Official Docker Repo"
needs: update-dockerfiles
runs-on: ubuntu-latest
env:
GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
steps:
- name: Extract major.minor version
id: extract_version
run: |
VERSION="${{ needs.update-dockerfiles.outputs.liquibaseVersion }}"
echo "MAJOR_MINOR=${VERSION%.*}" >> $GITHUB_ENV
echo "VERSION: $VERSION"
echo "MAJOR_MINOR: ${VERSION%.*}"
- name: Check out liquibase/official-images
uses: actions/checkout@v4
with:
repository: liquibase/official-images
ref: master
token: ${{ env.GITHUB_TOKEN }}
- name: Update library/liquibase in liquibase/official-images
run: |
echo "Maintainers: Jake Newton <[email protected]> (@jnewton03)" > library/liquibase
echo "Architectures: arm64v8, amd64" >> library/liquibase
echo "GitRepo: https://github.com/liquibase/docker.git" >> library/liquibase
echo "" >> library/liquibase
echo "Tags: ${{ env.MAJOR_MINOR }}, ${{ needs.update-dockerfiles.outputs.liquibaseVersion }}, latest" >> library/liquibase
echo "GitFetch: refs/heads/main" >> library/liquibase
echo "GitCommit: ${{ needs.update-dockerfiles.outputs.latestCommitSha }}" >> library/liquibase
echo "File: Dockerfile" >> library/liquibase
echo "" >> library/liquibase
echo "Tags: ${{ env.MAJOR_MINOR }}-alpine, ${{ needs.update-dockerfiles.outputs.liquibaseVersion }}-alpine, alpine" >> library/liquibase
echo "GitFetch: refs/heads/main" >> library/liquibase
echo "GitCommit: ${{ needs.update-dockerfiles.outputs.latestCommitSha }}" >> library/liquibase
echo "File: Dockerfile.alpine" >> library/liquibase
git add library/liquibase
if git diff-index --cached --quiet HEAD --
then
echo "Nothing new to commit"
else
git config user.name "liquibot"
git config user.email "[email protected]"
git commit -m "Update library/liquibase to ${{ needs.update-dockerfiles.outputs.liquibaseVersion }}"
if [[ "${{ needs.update-dockerfiles.outputs.dryRun }}" == false ]]; then
git push https://liquibot:[email protected]/liquibase/official-images.git
else
echo "Dry run mode: changes have not been pushed."
fi
fi
- name: Create Official Docker Pull Request
if: ${{ needs.update-dockerfiles.outputs.dryRun == 'false' }}
id: create_pr
run: |
response=$(curl \
-X POST \
-H "Authorization: token ${{ env.GITHUB_TOKEN }}" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/docker-library/official-images/pulls \
-d '{
"title": "Update library/liquibase to ${{ needs.update-dockerfiles.outputs.liquibaseVersion }}",
"body": "Update library/liquibase with latest commit and version",
"head": "liquibase:master",
"base": "master"
}')
pr_url=$(echo $response | jq -r '.html_url')
echo "PR_URL=$pr_url" >> $GITHUB_ENV
- name: Adding Official Docker PR to job summary
if: ${{ needs.update-dockerfiles.outputs.dryRun == 'false' }}
run: echo '### 🚀 Official Docker PR -> ${{ env.PR_URL }}' >> $GITHUB_STEP_SUMMARY