forked from kubernetes-sigs/kustomize
/
cloudbuild.yaml
75 lines (69 loc) · 2.28 KB
/
cloudbuild.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
# Cloud build should be configured to trigger with this configuration on tags matching:
# [\w/]+/v\d+\.\d+\.\d+
#
steps:
- name: 'bash'
args:
- 'echo'
- 'Cloud build substitution check: '
- 'BUILD_ID=$BUILD_ID'
- 'PROJECT_ID=$PROJECT_ID'
- 'REVISION_ID=$REVISION_ID'
- 'REPO_NAME=$REPO_NAME'
- 'COMMIT_SHA=$COMMIT_SHA'
- 'BRANCH_NAME=$BRANCH_NAME'
- 'TAG_NAME=$TAG_NAME'
# Cloud build has already copied the repo at the tag that
# that triggered the build to its /workspace directory, but
# hasn't actually _cloned_ the repo (there's no .git directory).
#
# The goreleaser tool, however, needs the repo and its history
# to produce release notes.
#
# So clone the repo to /workspace/myClone to avoid directory
# name collision.
#
- name: gcr.io/cloud-builders/git
args:
- clone
- https://github.com/kubernetes-sigs/kustomize.git
- myClone
# Checkout the proper tag.
- name: gcr.io/cloud-builders/git
dir: myClone
args:
- checkout
- $TAG_NAME
# Copy a newer version of Go into the goreleaser workspace.
# Use the same source image as the builder in kustomize.Dockerfile
- name: golang:alpine
entrypoint: /bin/sh
args:
- '-c'
- 'mkdir -p /workspace/bin && cp $(go env GOROOT)/bin/go /workspace/bin'
# Run goreleaser indirectly via a shell script
# to configure it properly.
- name: goreleaser/goreleaser:v0.179.0
timeout: 12m
entrypoint: /bin/sh
dir: myClone
secretEnv: ['GITHUB_TOKEN']
env:
- 'GO_BINARY_PATH=/workspace/bin/go'
args:
- releasing/cloudbuild.sh
- $TAG_NAME
# - '--snapshot'
# Use this final arg in a local build, to suppress
# the release and leave the 'dist' directory in place.
# Overall timeout
timeout: 14m
# golreleaser expects the GITHUB_TOKEN env var to hold the github token
# it needs to write the released package and notes back to github.
# The raw token was encrypted by gcloud kms (Key Management Service)
# The base64 of that is shown below. It's decrypted by cloud build
# and provided back to goreleaser.
secrets:
- kmsKeyName: projects/k8s-staging-kustomize/locations/global/keyRings/kust-cloud-key-ring/cryptoKeys/kust-cloud-key-name
secretEnv:
GITHUB_TOKEN: CiQAJ+XRL07Aror04bf6N0PpMDxRpxzs1PXVVDztB+HNu3fW7FESUQA2EggaBGI1cpFJC1YT93h9r50WzyLMD28LDDBTO8QJxZsU6UEToBfpVDr0ohnSazBTbvCcy5NJK0ooKyDifFsKzkT5ym3LPyHzPIXiejCmAg==