diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ac7b1afee3..e8f59d6413 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -23,68 +23,68 @@ jobs: id-token: write repository-projects: read steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 - - name: Job Settings - run: | - echo "Release Job Arguments" - if ${{ github.event.inputs.release_candidate }}; then - v="v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }})" - if [ -n "${{ github.event.inputs.prerelease }}" ]; then - echo "Candidate: $v" - else - echo "Candidate: $v (taken from source)" - fi - else - v="v$(go run $GITHUB_WORKSPACE/api/version/generate print-version)" - echo "Final Release: $v" + - name: Job Settings + run: | + echo "Release Job Arguments" + if ${{ github.event.inputs.release_candidate }}; then + v="v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }})" + if [ -n "${{ github.event.inputs.prerelease }}" ]; then + echo "Candidate: $v" + else + echo "Candidate: $v (taken from source)" fi + else + v="v$(go run $GITHUB_WORKSPACE/api/version/generate print-version)" + echo "Final Release: $v" + fi - - name: Set Base Version - run: | - BASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate print-version) - echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_ENV + - name: Set Base Version + run: | + BASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate print-version) + echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_ENV - - name: Set Pre-Release Version - if: inputs.release_candidate == true - run: | - RELEASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }}) - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV + - name: Set Pre-Release Version + if: inputs.release_candidate == true + run: | + RELEASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }}) + echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - - name: Set Version - if: inputs.release_candidate == false - run: | - RELEASE_VERSION=${{env.BASE_VERSION}} - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV + - name: Set Version + if: inputs.release_candidate == false + run: | + RELEASE_VERSION=${{env.BASE_VERSION}} + echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - - name: Check Tag - run: | - set -e - if git ls-remote --exit-code origin refs/tags/${{ env.RELEASE_VERSION }} ; then - >&2 echo "tag ${{ env.RELEASE_VERSION }} already exists" - exit 1 - fi + - name: Check Tag + run: | + set -e + if git ls-remote --exit-code origin refs/tags/${{ env.RELEASE_VERSION }} ; then + >&2 echo "tag ${{ env.RELEASE_VERSION }} already exists" + exit 1 + fi - - name: Check Branch - if: inputs.release_candidate == false && github.ref == 'refs/heads/main' - run: | - set -e - if git ls-remote --exit-code origin refs/heads/releases/${{ env.RELEASE_VERSION }} ; then - >&2 echo "branch releases/${{ env.RELEASE_VERSION }} already exists" - exit 1 - fi + - name: Check Branch + if: inputs.release_candidate == false && github.ref == 'refs/heads/main' + run: | + set -e + if git ls-remote --exit-code origin refs/heads/releases/${{ env.RELEASE_VERSION }} ; then + >&2 echo "branch releases/${{ env.RELEASE_VERSION }} already exists" + exit 1 + fi - - name: Get Draft Release Notes - id: release-notes - uses: cardinalby/git-get-release-action@v1 - env: - GITHUB_TOKEN: ${{ github.token }} - with: - draft: true - releaseName: ${{ env.BASE_VERSION }} + - name: Get Draft Release Notes + id: release-notes + uses: cardinalby/git-get-release-action@v1 + env: + GITHUB_TOKEN: ${{ github.token }} + with: + draft: true + releaseName: ${{ env.BASE_VERSION }} lint-and-test: name: Lint and Unit Tests @@ -103,8 +103,8 @@ jobs: release: needs: - - lint-and-test - - components + - lint-and-test + - components name: Release Build runs-on: large_runner permissions: @@ -112,161 +112,161 @@ jobs: id-token: write packages: write steps: - - name: Self Hosted Runner Post Job Cleanup Action - uses: TooMuch4U/actions-clean@v2.2 - - name: Generate token - id: generate_token - uses: tibdex/github-app-token@v2 - with: - app_id: ${{ secrets.OCMBOT_APP_ID }} - private_key: ${{ secrets.OCMBOT_PRIV_KEY }} - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - token: ${{ steps.generate_token.outputs.token }} + - name: Self Hosted Runner Post Job Cleanup Action + uses: TooMuch4U/actions-clean@v2.2 + - name: Generate token + id: generate_token + uses: tibdex/github-app-token@v2 + with: + app_id: ${{ secrets.OCMBOT_APP_ID }} + private_key: ${{ secrets.OCMBOT_PRIV_KEY }} + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ steps.generate_token.outputs.token }} - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version-file: '${{ github.workspace }}/go.mod' - check-latest: false + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version-file: '${{ github.workspace }}/go.mod' + check-latest: false - - name: Setup Syft - uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2 + - name: Setup Syft + uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2 - - name: Setup Cosign - uses: sigstore/cosign-installer@v3.6.0 + - name: Setup Cosign + uses: sigstore/cosign-installer@v3.6.0 - - name: Setup git config - run: | - git config user.name "GitHub Actions Bot" - git config user.email "<41898282+github-actions[bot]@users.noreply.github.com>" + - name: Setup git config + run: | + git config user.name "GitHub Actions Bot" + git config user.email "<41898282+github-actions[bot]@users.noreply.github.com>" - - name: Set Base Version - run: | - BASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate print-version) - echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_ENV + - name: Set Base Version + run: | + BASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate print-version) + echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_ENV - - name: Set Pre-Release Version - if: inputs.release_candidate == true - run: | - RELEASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }}) - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - echo "release name is $RELEASE_VERSION" + - name: Set Pre-Release Version + if: inputs.release_candidate == true + run: | + RELEASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }}) + echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV + echo "release name is $RELEASE_VERSION" - - name: Set Version - if: inputs.release_candidate == false - run: | - RELEASE_VERSION=${{env.BASE_VERSION}} - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - echo "release name is $RELEASE_VERSION" + - name: Set Version + if: inputs.release_candidate == false + run: | + RELEASE_VERSION=${{env.BASE_VERSION}} + echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV + echo "release name is $RELEASE_VERSION" - - name: Get Draft Release Notes - id: release-notes - uses: cardinalby/git-get-release-action@v1 - env: - GITHUB_TOKEN: ${{ github.token }} - with: - draft: true - releaseName: ${{ env.BASE_VERSION }} + - name: Get Draft Release Notes + id: release-notes + uses: cardinalby/git-get-release-action@v1 + env: + GITHUB_TOKEN: ${{ github.token }} + with: + draft: true + releaseName: ${{ env.BASE_VERSION }} - - name: Update Release Notes File - env: - RELEASE_NOTES: ${{ steps.release-notes.outputs.body }} - GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} - run: | - if git ls-remote --exit-code origin refs/tags/${{ env.RELEASE_VERSION }}; then - >&2 echo "tag ${{ env.RELEASE_VERSION }} already exists" - exit 2 - fi - v="${{env.RELEASE_VERSION}}" - f="docs/releasenotes/$v.md" - if [ ! -f "$f" ]; then - echo "# Release ${{ env.RELEASE_VERSION }}" > "$f" - echo "$RELEASE_NOTES" | tail -n +2 >> "$f" - echo "RELEASE_NOTES_FILE=$f" >> $GITHUB_ENV - git add "$f" - git commit -m "ReleaseNotes for $RELEASE_VERSION" - git push origin ${GITHUB_REF#refs/heads/} - else - echo "Using release notes file $f from code base" - fi + - name: Update Release Notes File + env: + RELEASE_NOTES: ${{ steps.release-notes.outputs.body }} + GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} + run: | + if git ls-remote --exit-code origin refs/tags/${{ env.RELEASE_VERSION }}; then + >&2 echo "tag ${{ env.RELEASE_VERSION }} already exists" + exit 2 + fi + v="${{env.RELEASE_VERSION}}" + f="docs/releasenotes/$v.md" + if [ ! -f "$f" ]; then + echo "# Release ${{ env.RELEASE_VERSION }}" > "$f" + echo "$RELEASE_NOTES" | tail -n +2 >> "$f" + echo "RELEASE_NOTES_FILE=$f" >> $GITHUB_ENV + git add "$f" + git commit -m "ReleaseNotes for $RELEASE_VERSION" + git push origin ${GITHUB_REF#refs/heads/} + else + echo "Using release notes file $f from code base" + fi - - name: Create and Push Release - env: - GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} - run: | - # git checkout --detach HEAD - echo -n "${RELEASE_VERSION#v}" > VERSION - git add VERSION - git commit -m "Release $RELEASE_VERSION" - msg="Release ${{ env.RELEASE_VERSION }}" - git tag --annotate --message "${msg}" ${{ env.RELEASE_VERSION }} - git push origin ${{ env.RELEASE_VERSION }} + - name: Create and Push Release + env: + GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} + run: | + # git checkout --detach HEAD + echo -n "${RELEASE_VERSION#v}" > VERSION + git add VERSION + git commit -m "Release $RELEASE_VERSION" + msg="Release ${{ env.RELEASE_VERSION }}" + git tag --annotate --message "${msg}" ${{ env.RELEASE_VERSION }} + git push origin ${{ env.RELEASE_VERSION }} - - name: Create GPG Token file from Secret - run: | - echo "${{ secrets.GPG_PRIVATE_KEY_FOR_SIGNING }}" > ocm-releases-key.gpg - echo "GPG_KEY_PATH=ocm-releases-key.gpg" >> $GITHUB_ENV + - name: Create GPG Token file from Secret + run: | + echo "${{ secrets.GPG_PRIVATE_KEY_FOR_SIGNING }}" > ocm-releases-key.gpg + echo "GPG_KEY_PATH=ocm-releases-key.gpg" >> $GITHUB_ENV - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v6 - with: - distribution: goreleaser - version: 2.1.0 - args: release --clean --timeout 60m --skip=validate --config=.github/config/goreleaser.yaml --release-notes=${{ env.RELEASE_NOTES_FILE }} - env: - GITHUBORG: ${{ github.repository_owner }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - HOMEBREW_TAP_GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} - GORELEASER_CURRENT_TAG: ${{ env.RELEASE_VERSION }} - NFPM_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v6 + with: + distribution: goreleaser + version: 2.1.0 + args: release --clean --timeout 60m --skip=validate --config=.github/config/goreleaser.yaml --release-notes=${{ env.RELEASE_NOTES_FILE }} + env: + GITHUBORG: ${{ github.repository_owner }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + HOMEBREW_TAP_GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} + GORELEASER_CURRENT_TAG: ${{ env.RELEASE_VERSION }} + NFPM_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} - - name: Push OCM Components - env: - GITHUBORG: ${{ github.repository_owner }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: make plain-push + - name: Push OCM Components + env: + GITHUBORG: ${{ github.repository_owner }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: make plain-push - - name: Create Release Branch - if: inputs.release_candidate == false && github.ref == 'refs/heads/main' - run: | - n="releases/${{env.RELEASE_VERSION}}" - git checkout -b "$n" - v="$(go run ./api/version/generate bump-patch)" - echo "$v" > VERSION - git add VERSION - git commit -m "Prepare Development of v$v" - git push origin "$n" + - name: Create Release Branch + if: inputs.release_candidate == false && github.ref == 'refs/heads/main' + run: | + n="releases/${{env.RELEASE_VERSION}}" + git checkout -b "$n" + v="$(go run ./api/version/generate bump-patch)" + echo "$v" > VERSION + git add VERSION + git commit -m "Prepare Development of v$v" + git push origin "$n" - - name: Bump Version File - if: inputs.release_candidate == false - run: | - set -e - git checkout ${GITHUB_REF#refs/heads/} - v="$(go run ./api/version/generate bump-version)" - echo "$v" > VERSION - git add VERSION - git commit -m "Update version file to $v" - git push origin ${GITHUB_REF#refs/heads/} - echo "Next branch version is $v" + - name: Bump Version File + if: inputs.release_candidate == false + run: | + set -e + git checkout ${GITHUB_REF#refs/heads/} + v="$(go run ./api/version/generate bump-version)" + echo "$v" > VERSION + git add VERSION + git commit -m "Update version file to $v" + git push origin ${GITHUB_REF#refs/heads/} + echo "Next branch version is $v" - - name: Delete Older Release Branches - if: github.ref == 'refs/heads/main' - run: | - set -e - git fetch --prune - for branch in $(git branch -r | grep 'origin/releases/' | grep -v 'origin/releases/${{ env.RELEASE_VERSION }}'); do - branch_name=$(echo $branch | sed 's|origin/||') - echo "Deleting branch $branch_name" - done + - name: Delete Older Release Branches + if: github.ref == 'refs/heads/main' + run: | + set -e + git fetch --prune + for branch in $(git branch -r | grep 'origin/releases/' | grep -v 'origin/releases/${{ env.RELEASE_VERSION }}'); do + branch_name=$(echo $branch | sed 's|origin/||') + echo "Deleting branch $branch_name" + done - - name: Publish Release Event - if: inputs.release_candidate == false - uses: peter-evans/repository-dispatch@v3 - with: - token: ${{ steps.generate_token.outputs.token }} - repository: open-component-model/ocm-website - event-type: ocm-cli-release - client-payload: '{"tag": "${{ env.RELEASE_VERSION }}"}' + - name: Publish Release Event + if: inputs.release_candidate == false + uses: peter-evans/repository-dispatch@v3 + with: + token: ${{ steps.generate_token.outputs.token }} + repository: open-component-model/ocm-website + event-type: ocm-cli-release + client-payload: '{"tag": "${{ env.RELEASE_VERSION }}"}'