mirror of
https://github.com/falcosecurity/falco.git
synced 2025-09-02 23:26:24 +00:00
update(ci): fail on non-semver release
Signed-off-by: Luca Guerra <luca@guerra.sh> Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Luca Guerra
poiana
14
.github/workflows/release.yaml
vendored
14
.github/workflows/release.yaml
vendored
@@ -14,7 +14,6 @@ jobs:
|
|||||||
outputs:
|
outputs:
|
||||||
is_latest: ${{ steps.get_settings.outputs.is_latest }}
|
is_latest: ${{ steps.get_settings.outputs.is_latest }}
|
||||||
bucket_suffix: ${{ steps.get_settings.outputs.bucket_suffix }}
|
bucket_suffix: ${{ steps.get_settings.outputs.bucket_suffix }}
|
||||||
should_publish: ${{ steps.get_settings.outputs.should_publish }}
|
|
||||||
steps:
|
steps:
|
||||||
- name: Get latest release
|
- name: Get latest release
|
||||||
uses: rez0n/actions-github-release@v2.0
|
uses: rez0n/actions-github-release@v2.0
|
||||||
@@ -30,11 +29,15 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
|
import sys
|
||||||
|
|
||||||
semver_no_meta = '''^(?P<major>0|[1-9]\d*)\.(?P<minor>0|[1-9]\d*)\.(?P<patch>0|[1-9]\d*)(?:-(?P<prerelease>(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?$'''
|
semver_no_meta = '''^(?P<major>0|[1-9]\d*)\.(?P<minor>0|[1-9]\d*)\.(?P<patch>0|[1-9]\d*)(?:-(?P<prerelease>(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?$'''
|
||||||
tag_name = '${{ github.event.release.tag_name }}'
|
tag_name = '${{ github.event.release.tag_name }}'
|
||||||
|
|
||||||
should_publish = re.match(semver_no_meta, tag_name) is not None
|
is_valid_version = re.match(semver_no_meta, tag_name) is not None
|
||||||
|
if not is_valid_version:
|
||||||
|
print(f'Release version {tag_name} is not a valid full or pre-release. See RELEASE.md for more information.')
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
is_prerelease = '-' in tag_name
|
is_prerelease = '-' in tag_name
|
||||||
|
|
||||||
@@ -45,12 +48,10 @@ jobs:
|
|||||||
|
|
||||||
with open(os.environ['GITHUB_OUTPUT'], 'a') as ofp:
|
with open(os.environ['GITHUB_OUTPUT'], 'a') as ofp:
|
||||||
print(f'is_latest={is_latest}'.lower(), file=ofp)
|
print(f'is_latest={is_latest}'.lower(), file=ofp)
|
||||||
print(f'should_publish={should_publish}'.lower(), file=ofp)
|
|
||||||
print(f'bucket_suffix={bucket_suffix}', file=ofp)
|
print(f'bucket_suffix={bucket_suffix}', file=ofp)
|
||||||
|
|
||||||
build-packages:
|
build-packages:
|
||||||
needs: [release-settings]
|
needs: [release-settings]
|
||||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
|
||||||
uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master
|
uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master
|
||||||
with:
|
with:
|
||||||
arch: x86_64
|
arch: x86_64
|
||||||
@@ -59,7 +60,6 @@ jobs:
|
|||||||
|
|
||||||
build-packages-arm64:
|
build-packages-arm64:
|
||||||
needs: [release-settings]
|
needs: [release-settings]
|
||||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
|
||||||
uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master
|
uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master
|
||||||
with:
|
with:
|
||||||
arch: aarch64
|
arch: aarch64
|
||||||
@@ -68,7 +68,6 @@ jobs:
|
|||||||
|
|
||||||
publish-packages:
|
publish-packages:
|
||||||
needs: [release-settings, build-packages, build-packages-arm64]
|
needs: [release-settings, build-packages, build-packages-arm64]
|
||||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
|
||||||
uses: falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml@master
|
uses: falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml@master
|
||||||
with:
|
with:
|
||||||
bucket_suffix: ${{ needs.release-settings.outputs.bucket_suffix }}
|
bucket_suffix: ${{ needs.release-settings.outputs.bucket_suffix }}
|
||||||
@@ -78,7 +77,6 @@ jobs:
|
|||||||
# Both build-docker and its arm64 counterpart require build-packages because they use its output
|
# Both build-docker and its arm64 counterpart require build-packages because they use its output
|
||||||
build-docker:
|
build-docker:
|
||||||
needs: [release-settings, build-packages, publish-packages]
|
needs: [release-settings, build-packages, publish-packages]
|
||||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
|
||||||
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master
|
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master
|
||||||
with:
|
with:
|
||||||
arch: x86_64
|
arch: x86_64
|
||||||
@@ -90,7 +88,6 @@ jobs:
|
|||||||
|
|
||||||
build-docker-arm64:
|
build-docker-arm64:
|
||||||
needs: [release-settings, build-packages, publish-packages]
|
needs: [release-settings, build-packages, publish-packages]
|
||||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
|
||||||
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master
|
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master
|
||||||
with:
|
with:
|
||||||
arch: aarch64
|
arch: aarch64
|
||||||
@@ -102,7 +99,6 @@ jobs:
|
|||||||
|
|
||||||
publish-docker:
|
publish-docker:
|
||||||
needs: [release-settings, build-docker, build-docker-arm64]
|
needs: [release-settings, build-docker, build-docker-arm64]
|
||||||
if: ${{ needs.release-settings.outputs.should_publish == 'true' }}
|
|
||||||
uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@master
|
uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@master
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
with:
|
with:
|
||||||
|
|||||||
Reference in New Issue
Block a user