mirror of
https://github.com/falcosecurity/falco.git
synced 2025-08-02 06:52:10 +00:00
update(ci): react to release publishing, rewire variables
Signed-off-by: Luca Guerra <luca@guerra.sh>
This commit is contained in:
Luca Guerra
poiana
parent
d4fa8d6d91
commit
33b0173657
43
.github/workflows/release.yaml
vendored
43
.github/workflows/release.yaml
vendored
@ -1,9 +1,7 @@
|
||||
name: Release Packages and Docker images
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- '[0-9]+.[0-9]+.[0-9]+' # final release
|
||||
- '[0-9]+.[0-9]+.[0-9]+-*' # prerelease/RC
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
# Checks if any concurrent jobs is running for release CI and eventually cancel it.
|
||||
concurrency:
|
||||
@ -27,63 +25,76 @@ jobs:
|
||||
shell: python
|
||||
run: |
|
||||
import os
|
||||
is_prerelease = '-' in '${{ github.ref_name }}'
|
||||
import re
|
||||
|
||||
semver_no_meta = '''^(?P<major>0|[1-9]\d*)\.(?P<minor>0|[1-9]\d*)\.(?P<patch>0|[1-9]\d*)(?:-(?P<prerelease>(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?$'''
|
||||
tag_name = '${{ github.event.release.tag_name }}'
|
||||
|
||||
should_publish = re.match(semver_no_meta, tag_name) is not None
|
||||
|
||||
is_prerelease = '-' in tag_name
|
||||
|
||||
# Safeguard: you need to both set "latest" in GH and not have suffixes to overwrite latest
|
||||
is_latest = '${{ steps.latest_release.outputs.release }}' == '${{ github.ref_name }}' and not is_prerelease
|
||||
is_latest = '${{ steps.latest_release.outputs.release }}' == tag_name and not is_prerelease
|
||||
|
||||
bucket_suffix = '-dev' if is_prerelease else ''
|
||||
|
||||
with open(os.environ['GITHUB_OUTPUT'], 'a') as ofp:
|
||||
print(f'is_latest={is_latest}'.lower(), file=ofp)
|
||||
print(f'should_publish={should_publish}'.lower(), file=ofp)
|
||||
print(f'bucket_suffix={bucket_suffix}', file=ofp)
|
||||
outputs:
|
||||
is_latest: ${{ steps.get_settings.outputs.is_latest }}
|
||||
bucket_suffix: ${{ steps.get_settings.outputs.bucket_suffix }}
|
||||
|
||||
build-packages:
|
||||
needs: [release-settings]
|
||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master
|
||||
with:
|
||||
arch: x86_64
|
||||
secrets: inherit
|
||||
|
||||
build-packages-arm64:
|
||||
needs: [release-settings]
|
||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master
|
||||
with:
|
||||
arch: aarch64
|
||||
secrets: inherit
|
||||
|
||||
publish-packages:
|
||||
needs: [build-packages, build-packages-arm64]
|
||||
needs: [release-settings, build-packages, build-packages-arm64]
|
||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml@master
|
||||
with:
|
||||
bucket_suffix: ${{ steps.get_settings.outputs.bucket_suffix }}
|
||||
bucket_suffix: ${{ needs.release-settings.outputs.bucket_suffix }}
|
||||
version: ${{ needs.build-packages.outputs.version }}
|
||||
secrets: inherit
|
||||
|
||||
# Both build-docker and its arm64 counterpart require build-packages because they use its output
|
||||
build-docker:
|
||||
needs: [build-packages, publish-packages]
|
||||
needs: [release-settings, build-packages, publish-packages]
|
||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master
|
||||
with:
|
||||
arch: x86_64
|
||||
is_latest: ${{ needs.release-settings.outputs.is_latest == 'true' }}
|
||||
bucket_suffix: ${{ steps.get_settings.outputs.bucket_suffix }}
|
||||
bucket_suffix: ${{ needs.release-settings.outputs.bucket_suffix }}
|
||||
version: ${{ needs.build-packages.outputs.version }}
|
||||
secrets: inherit
|
||||
|
||||
build-docker-arm64:
|
||||
needs: [build-packages, publish-packages]
|
||||
needs: [release-settings, build-packages, publish-packages]
|
||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master
|
||||
with:
|
||||
arch: aarch64
|
||||
is_latest: ${{ needs.release-settings.outputs.is_latest == 'true' }}
|
||||
bucket_suffix: ${{ steps.get_settings.outputs.bucket_suffix }}
|
||||
bucket_suffix: ${{ needs.release-settings.outputs.bucket_suffix }}
|
||||
version: ${{ needs.build-packages.outputs.version }}
|
||||
secrets: inherit
|
||||
|
||||
publish-docker:
|
||||
needs: [build-docker, build-docker-arm64]
|
||||
needs: [release-settings, build-docker, build-docker-arm64]
|
||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@master
|
||||
secrets: inherit
|
||||
with:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user