pomerium/.github/workflows/release.yaml
Caleb Doxsey c47055bece
upgrade to go v1.24 (#5562)
* upgrade to go v1.24

* add a macOS-specific //nolint comment too

---------

Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>
2025-04-02 15:53:09 -06:00


# Release pipeline: triggered when a GitHub release is published.
name: Release

# Workflow-wide GITHUB_TOKEN default is read-only; the goreleaser job below
# raises this for itself with its own permissions block.
permissions:
  contents: read

on:
  release:
    types: [published]
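jobs:
  # Builds the release with GoReleaser, pushes the rpm/deb packages to
  # Cloudsmith and, when this release is the newest non-rc tag, moves the
  # floating Docker tags. The job holds Docker Hub, GCP, Cloudsmith and GitHub
  # write credentials, so every action, image and package it executes is part
  # of the release trust boundary.
  goreleaser:
    permissions:
      contents: write
      issues: read
      pull-requests: read
    runs-on: ubuntu-22.04
    env:
      DOCKER_CLI_EXPERIMENTAL: "enabled"
    outputs:
      # Read by the deploy job as needs.goreleaser.outputs.tag.
      tag: ${{ steps.tagName.outputs.tag }}
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      # Later steps run `git describe --tags` and `git tag`, which need the
      # complete history and tag list.
      - name: Unshallow
        run: git fetch --prune --unshallow
      - name: Set up Node.js
        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e
        with:
          node-version: "22.x"
      - name: Set up Go
        uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b
        with:
          go-version: "1.24.x"
          cache: false
      # NOTE(review): this image is pulled by its implicit mutable tag and run
      # with --privileged on the runner that later receives the registry
      # credentials. Consider pinning it by digest.
      - name: Set up Docker
        run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
      - uses: azure/docker-login@15c4aadf093404726ab2ff205b2cdd33fa6d054c
        with:
          username: ${{ secrets.DOCKERHUB_USER }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: gcloud authenticate
        uses: google-github-actions/auth@71f986410dfbc7added4569d411d040a91dc6935
        with:
          project_id: ${{ secrets.GCP_PRODUCTION_PROJECT_ID }}
          credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
      - name: gcloud sdk
        uses: google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a
      - name: Gcloud login
        run: gcloud auth configure-docker
      # NOTE(review): this is the only action in the workflow referenced by a
      # mutable tag instead of a full commit SHA, and it is the step that
      # receives both GitHub tokens. Pin it to the commit SHA of v6.3.0 like
      # the other steps.
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v6.3.0
        with:
          version: v0.184.0
          args: release --config .github/goreleaser.yaml
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          APPARITOR_GITHUB_TOKEN: ${{ secrets.APPARITOR_GITHUB_TOKEN }}
      # Fails unless HEAD carries an exact tag. `version` is the tag with a
      # leading "v" stripped.
      - name: Get tag name
        id: tagName
        run: |
          TAG=$(git describe --tags --exact-match)
          echo "tag=${TAG}" >> "$GITHUB_OUTPUT"
          echo "version=${TAG#v}" >> "$GITHUB_OUTPUT"
      # NOTE(review): unpinned install from PyPI on a runner that already holds
      # registry credentials. Pin an exact version, ideally with
      # --require-hashes.
      - name: Install Cloudsmith CLI
        run: |
          pip3 install cloudsmith-cli
      # The version reaches the script through env, not by pasting the
      # expression into the script text, so the shell treats it as data.
      - name: Publish to Cloudsmith
        env:
          CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }}
          VERSION: ${{ steps.tagName.outputs.version }}
        working-directory: dist/
        run: |
          for pkg in \
            "pomerium-${VERSION}-1.x86_64.rpm" \
            "pomerium-${VERSION}-1.aarch64.rpm"
          do
            cloudsmith push rpm pomerium/pomerium/el/any-version "$pkg"
          done
          for pkg in \
            "pomerium_${VERSION}-1_amd64.deb" \
            "pomerium_${VERSION}-1_arm64.deb"
          do
            cloudsmith push deb pomerium/pomerium/any-distro/any-version "$pkg"
          done
      # Highest version-sorted tag whose name does not contain "rc"
      # (case-insensitive).
      - name: Find latest tag
        id: latestTag
        run: |
          LATEST_TAG=$(git tag | grep -vi 'rc' | sort --version-sort | tail -1)
          echo "tag=${LATEST_TAG}" >> "$GITHUB_OUTPUT"
      # Moves the floating tags only when the release being published is the
      # newest non-rc tag. A tag name may contain shell metacharacters, so it
      # is passed through env and quoted at every use.
      - name: Publish latest tag
        if: steps.latestTag.outputs.tag == steps.tagName.outputs.tag
        env:
          TAG: ${{ steps.tagName.outputs.tag }}
        run: |
          docker manifest create -a pomerium/pomerium:latest \
            "pomerium/pomerium:amd64-${TAG}" \
            "pomerium/pomerium:arm64v8-${TAG}"
          docker manifest push pomerium/pomerium:latest
          docker tag "gcr.io/pomerium-io/pomerium:${TAG}-cloudrun" \
            gcr.io/pomerium-io/pomerium:latest-cloudrun
          docker push gcr.io/pomerium-io/pomerium:latest-cloudrun
          for variant in nonroot debug debug-nonroot; do
            docker manifest create -a "pomerium/pomerium:${variant}" \
              "pomerium/pomerium:${variant}-amd64-${TAG}" \
              "pomerium/pomerium:${variant}-arm64v8-${TAG}"
            docker manifest push "pomerium/pomerium:${variant}"
          done

  # Records the released tag in the pomerium/gitops-argocd repository. The job
  # declares no permissions of its own, so it runs with the workflow-level
  # read-only GITHUB_TOKEN. The gitops checkout uses APPARITOR_GITHUB_TOKEN.
  deploy:
    runs-on: ubuntu-22.04
    needs: goreleaser
    steps:
      - name: Checkout Gitops Repo
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          repository: pomerium/gitops-argocd
          token: ${{ secrets.APPARITOR_GITHUB_TOKEN }}
      # NOTE(review): the tag is expanded into the yq command text before the
      # action runs. If the action evaluates cmd through a shell (not visible
      # here), pass the tag via env and read it with yq's strenv() so it stays
      # data. Confirm against the action's entrypoint.
      - name: Bump test environment
        uses: mikefarah/yq@8bf425b4d1344db7cd469a8d10a390876e0c77fd
        with:
          cmd: >-
            yq eval '.pomerium.image.tag = "${{ needs.goreleaser.outputs.tag }}"'
            -i projects/pomerium-demo/pomerium-demo/values.yaml
      - name: Commit changes
        uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79
        with:
          commit_message: |
            Bump test environment pomerium/pomerium
            Image tag: ${{ needs.goreleaser.outputs.tag }}
            Source Repo: ${{ github.repository }}@${{ github.sha }}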