-
Notifications
You must be signed in to change notification settings - Fork 49
134 lines (110 loc) · 4.41 KB
/
delivery.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: Delivery
on:
push:
branches: [ master ]
release:
# Note: a current limitation is that when a release is edited after publication, then the Docker tags are not automatically updated.
types: [ published ]
permissions:
contents: write
packages: write
# Disable concurrency to prevent that images are tagged in the wrong order.
concurrency:
group: delivery
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
is-head-master: ${{ steps.is-head-master.outcome == 'success' }}
is-latest-release: ${{ steps.is-latest-release.outcome == 'success' }}
steps:
- uses: actions/checkout@v4
with:
ref: master
fetch-depth: 0
- name: Check whether the release is merged to master
run: git branch --contains ${{ github.sha }} | grep -x "* master"
shell: bash
- name: Check whether this event is the HEAD of master
continue-on-error: true
id: is-head-master
run: git rev-parse HEAD | grep -x ${{ github.sha }}
shell: bash
- uses: actions/checkout@v4
- name: Check whether version.go contains the new version number
if: github.event_name == 'release'
run: cat version.go | grep ${GITHUB_REF_NAME:1}
shell: bash
- name: Check whether CHANGELOG.md contains the new version number
if: github.event_name == 'release'
run: cat CHANGELOG.md | grep "\[${GITHUB_REF_NAME:1}\]"
shell: bash
- name: Check whether the release is latest
continue-on-error: true
id: is-latest-release
if: github.event_name == 'release'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: gh release view --json tagName --jq .tagName | grep -x ${{ github.event.release.tag_name }}
shell: bash
build-docker-image:
runs-on: ubuntu-latest
needs: prepare
steps:
- uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build Docker image
run: docker build -t ghcr.io/${{ github.repository_owner }}/irma:${{ github.sha }} .
- name: Tag Docker image (edge)
if: needs.prepare.outputs.is-head-master == 'true'
run: docker tag ghcr.io/${{ github.repository_owner }}/irma:${{ github.sha }} ghcr.io/${{ github.repository_owner }}/irma:edge
- name: Tag Docker image (version)
if: github.event_name == 'release'
run: docker tag ghcr.io/${{ github.repository_owner }}/irma:${{ github.sha }} ghcr.io/${{ github.repository_owner }}/irma:${{ github.event.release.tag_name }}
- name: Tag Docker image (latest)
if: needs.prepare.outputs.is-latest-release == 'true'
run: docker tag ghcr.io/${{ github.repository_owner }}/irma:${{ github.sha }} ghcr.io/${{ github.repository_owner }}/irma:latest
- name: Push Docker image (edge)
if: needs.prepare.outputs.is-head-master == 'true'
run: docker push ghcr.io/${{ github.repository_owner }}/irma:edge
- name: Push Docker image (version)
if: github.event_name == 'release'
run: docker push ghcr.io/${{ github.repository_owner }}/irma:${{ github.event.release.tag_name }}
- name: Tag Docker image (latest)
if: needs.prepare.outputs.is-latest-release == 'true'
run: docker push ghcr.io/${{ github.repository_owner }}/irma:latest
build-release-artifact:
needs: prepare
runs-on: ubuntu-latest
strategy:
matrix:
os: [ linux, darwin, windows ]
arch: [ amd64, 386, arm, arm64 ]
exclude:
- os: darwin
arch: 386
- os: darwin
arch: arm
steps:
- uses: actions/checkout@v4
- name: Build artifact
uses: ./.github/actions/build
id: build
with:
os: ${{ matrix.os }}
arch: ${{ matrix.arch }}
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: irma-${{ matrix.os }}-${{ matrix.arch }}
path: ${{ steps.build.outputs.artifact-name }}
- name: Upload artifact to release
if: github.event_name == 'release'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: gh release upload ${{ github.event.release.tag_name }} ${{ steps.build.outputs.artifact-name }}