mirror of
https://github.com/k8sgpt-ai/k8sgpt.git
synced 2026-01-24 14:14:21 +00:00
9192b26fab
Signed-off-by: Renovate Bot <bot@renovateapp.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
117 lines
3.8 KiB
YAML
117 lines
3.8 KiB
YAML
name: release
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- '[0-9]+.[0-9]+.x'
|
|
workflow_dispatch:
|
|
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
|
|
jobs:
|
|
release-please:
|
|
permissions:
|
|
contents: write # for google-github-actions/release-please-action to create release commit
|
|
pull-requests: write # for google-github-actions/release-please-action to create release PR
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
releases_created: ${{ steps.release.outputs.releases_created }}
|
|
tag_name: ${{ steps.release.outputs.tag_name }}
|
|
# Release-please creates a PR that tracks all changes
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3
|
|
|
|
- uses: google-github-actions/release-please-action@c078ea33917ab8cfa5300e48f4b7e6b16606aede # v3
|
|
id: release
|
|
with:
|
|
command: manifest
|
|
token: ${{secrets.GITHUB_TOKEN}}
|
|
default-branch: main
|
|
|
|
goreleaser:
|
|
if: needs.release-please.outputs.releases_created == 'true'
|
|
permissions:
|
|
contents: write
|
|
needs:
|
|
- release-please
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Set up Go
|
|
uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4
|
|
with:
|
|
go-version: '1.20'
|
|
- name: Download Syft
|
|
uses: anchore/sbom-action/download-syft@4d571ad1038a9cc29d676154ef265ab8f9027042 # v0.14.2
|
|
- name: Run GoReleaser
|
|
uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b # v4
|
|
with:
|
|
# either 'goreleaser' (default) or 'goreleaser-pro'
|
|
distribution: goreleaser
|
|
version: latest
|
|
args: release --clean
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.K8SGPT_BOT_SECRET }}
|
|
|
|
build-container:
|
|
if: needs.release-please.outputs.releases_created == 'true'
|
|
needs:
|
|
- release-please
|
|
runs-on: ubuntu-22.04
|
|
permissions:
|
|
contents: write
|
|
packages: write
|
|
id-token: write
|
|
env:
|
|
IMAGE_TAG: ghcr.io/k8sgpt-ai/k8sgpt:${{ needs.release-please.outputs.tag_name }}
|
|
IMAGE_NAME: k8sgpt
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3
|
|
with:
|
|
submodules: recursive
|
|
|
|
- name: Set up Docker Buildx
|
|
id: buildx
|
|
uses: docker/setup-buildx-action@4b4e9c3e2d4531116a6f8ba8e71fc6e2cb6e6c8c # v2
|
|
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build Docker Image
|
|
uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4
|
|
with:
|
|
context: .
|
|
file: ./container/Dockerfile
|
|
platforms: linux/amd64,linux/arm64
|
|
target: production
|
|
tags: |
|
|
${{ env.IMAGE_TAG }}
|
|
builder: ${{ steps.buildx.outputs.name }}
|
|
push: true
|
|
cache-from: type=gha,scope=${{ github.ref_name }}-${{ env.IMAGE_TAG }}
|
|
cache-to: type=gha,scope=${{ github.ref_name }}-${{ env.IMAGE_TAG }}
|
|
|
|
- name: Generate SBOM
|
|
uses: anchore/sbom-action@4d571ad1038a9cc29d676154ef265ab8f9027042 # v0.14.2
|
|
with:
|
|
image: ${{ env.IMAGE_TAG }}
|
|
artifact-name: sbom-${{ env.IMAGE_NAME }}
|
|
output-file: ./sbom-${{ env.IMAGE_NAME }}.spdx.json
|
|
|
|
- name: Attach SBOM to release
|
|
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
|
|
with:
|
|
tag_name: ${{ needs.release-please.outputs.tag_name }}
|
|
files: ./sbom-${{ env.IMAGE_NAME }}.spdx.json |