This repository has been archived by the owner on Dec 21, 2023. It is now read-only.
build(release): 1.4.5 (#9807) #508
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
push: | |
branches: | |
- master | |
- '[0-9]+.[1-9][0-9]*.x' | |
workflow_dispatch: | |
env: | |
NODE_VERSION: 16 | |
GO_VERSION: "~1.20" | |
KEPTN_BOT_NAME: "Keptn Bot" | |
KEPTN_BOT_EMAIL: "keptn-bot <86361500+keptn-bot@users.noreply.github.com>" | |
RELEASE_NOTES_FILE: "RELEASE-BODY.md" | |
BUILD_EVERYTHING: 'true' | |
BRIDGE_ARTIFACT_PREFIX: "BRIDGE" | |
API_ARTIFACT_PREFIX: "API" | |
APPROVAL_SVC_ARTIFACT_PREFIX: "APPROVAL_SVC" | |
DISTRIBUTOR_ARTIFACT_PREFIX: "DISTRIBUTOR" | |
CLI_ARTIFACT_PREFIX: "CLI" | |
SHIPYARD_CONTROLLER_ARTIFACT_PREFIX: "SHIPYARD_CONTROLLER" | |
SECRET_SVC_ARTIFACT_PREFIX: "SECRET_SVC" | |
RESOURCE_SVC_ARTIFACT_PREFIX: "RESOURCE_SVC" | |
REMEDIATION_SVC_ARTIFACT_PREFIX: "REMEDIATION_SVC" | |
LIGHTHOUSE_SVC_ARTIFACT_PREFIX: "LIGHTHOUSE_SVC" | |
MONGODB_DS_ARTIFACT_PREFIX: "MONGODB_DS" | |
STATISTICS_SVC_ARTIFACT_PREFIX: "STATISTICS_SVC" | |
WEBHOOK_SVC_ARTIFACT_PREFIX: "WEBHOOK_SVC" | |
BRIDGE_ARTIFACT: "bridge2" | |
BRIDGE_FOLDER: "bridge/" | |
BRIDGE_DOCKER_TEST_TARGET: "builder-test-unit" | |
API_ARTIFACT: "api" | |
API_FOLDER: "api/" | |
API_DOCKER_TEST_TARGET: "builder-test" | |
APPROVAL_SVC_ARTIFACT: "approval-service" | |
APPROVAL_SVC_FOLDER: "approval-service/" | |
APPROVAL_SVC_DOCKER_TEST_TARGET: "builder-test" | |
DISTRIBUTOR_ARTIFACT: "distributor" | |
DISTRIBUTOR_FOLDER: "distributor/" | |
DISTRIBUTOR_DOCKER_TEST_TARGET: "builder-test" | |
CLI_ARTIFACT: "cli" | |
CLI_FOLDER: "cli/" | |
CLI_DOCKER_TEST_TARGET: "builder-test" | |
SHIPYARD_CONTROLLER_ARTIFACT: "shipyard-controller" | |
SHIPYARD_CONTROLLER_FOLDER: "shipyard-controller/" | |
SHIPYARD_CONTROLLER_DOCKER_TEST_TARGET: "builder-test" | |
SECRET_SVC_ARTIFACT: "secret-service" | |
SECRET_SVC_FOLDER: "secret-service/" | |
SECRET_SVC_DOCKER_TEST_TARGET: "builder-test" | |
RESOURCE_SVC_ARTIFACT: "resource-service" | |
RESOURCE_SVC_FOLDER: "resource-service/" | |
RESOURCE_SVC_DOCKER_TEST_TARGET: "builder-test" | |
REMEDIATION_SVC_ARTIFACT: "remediation-service" | |
REMEDIATION_SVC_FOLDER: "remediation-service/" | |
REMEDIATION_SVC_DOCKER_TEST_TARGET: "builder-test" | |
LIGHTHOUSE_SVC_ARTIFACT: "lighthouse-service" | |
LIGHTHOUSE_SVC_FOLDER: "lighthouse-service/" | |
LIGHTHOUSE_SVC_DOCKER_TEST_TARGET: "builder-test" | |
MONGODB_DS_ARTIFACT: "mongodb-datastore" | |
MONGODB_DS_FOLDER: "mongodb-datastore/" | |
MONGODB_DS_DOCKER_TEST_TARGET: "builder-test" | |
STATISTICS_SVC_ARTIFACT: "statistics-service" | |
STATISTICS_SVC_FOLDER: "statistics-service/" | |
STATISTICS_SVC_DOCKER_TEST_TARGET: "builder-test" | |
WEBHOOK_SVC_ARTIFACT: "webhook-service" | |
WEBHOOK_SVC_FOLDER: "webhook-service/" | |
WEBHOOK_SVC_DOCKER_TEST_TARGET: "builder-test" | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
release-please: | |
runs-on: ubuntu-22.04 | |
concurrency: | |
group: release | |
outputs: | |
tag_name: ${{ steps.release.outputs.tag_name }} | |
releases_created: ${{ steps.release.outputs.releases_created }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Run release please | |
uses: google-github-actions/release-please-action@v3 | |
id: release | |
with: | |
command: manifest | |
token: ${{ secrets.GITHUB_TOKEN }} | |
default-branch: ${{ github.ref_name }} | |
prepare: | |
name: Prepare release run | |
runs-on: ubuntu-22.04 | |
concurrency: | |
group: release | |
needs: release-please | |
if: needs.release-please.outputs.releases_created == 'true' | |
outputs: | |
branch: ${{ steps.current_branch.outputs.branch }} | |
keptn-spec-version: ${{ steps.keptn_spec_version.outputs.keptn-spec-version }} | |
datetime: ${{ steps.get_datetime.outputs.DATETIME }} | |
git_sha: ${{ steps.extract_branch.outputs.GIT_SHA }} | |
BUILD_INSTALLER: ${{ steps.check_modified_files.outputs.BUILD_INSTALLER }} | |
BUILD_CLI: ${{ steps.check_modified_files.outputs.BUILD_CLI }} | |
BUILD_MATRIX: ${{ steps.check_modified_files.outputs.BUILD_MATRIX }} | |
BUILD_MATRIX_EMPTY: ${{ steps.check_modified_files.outputs.BUILD_MATRIX_EMPTY }} | |
GO_VERSION: ${{ steps.get_go_version.outputs.GO_VERSION }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
token: ${{ secrets.KEPTN_BOT_TOKEN }} | |
- name: Extract branch name | |
id: extract_branch | |
# see https://github.com/keptn/gh-action-extract-branch-name for details | |
uses: keptn/gh-action-extract-branch-name@main | |
- name: Get current date and time | |
id: get_datetime | |
run: | | |
DATETIME=$(date +'%Y%m%d%H%M') | |
echo "DATETIME=$DATETIME" >> "$GITHUB_OUTPUT" | |
- name: Find current branch | |
id: current_branch | |
run: | | |
branch=${GITHUB_REF#refs/heads/} | |
echo "branch=${branch}" >> $GITHUB_OUTPUT | |
- name: Get keptn spec version | |
id: keptn_spec_version | |
run: | | |
git submodule update --init | |
cd specification | |
KEPTN_SPEC_VERSION=$(git describe --tags) | |
echo "keptn-spec-version=${KEPTN_SPEC_VERSION}" >> $GITHUB_OUTPUT | |
- name: Prepare artifact build matrix | |
id: check_modified_files | |
env: | |
BUILD_EVERYTHING: ${{ env.BUILD_EVERYTHING }} | |
RELEASE_BUILD: 'true' | |
run: | | |
./gh-actions-scripts/prepare_changed_artifacts.sh "" | |
############################################################################ | |
# Build Docker Images | |
############################################################################ | |
docker_build: | |
name: Unit Tests and Build Image | |
needs: [release-please, prepare] | |
strategy: | |
matrix: ${{ fromJson(needs.prepare.outputs.BUILD_MATRIX) }} | |
uses: ./.github/workflows/test-and-build-docker-images.yml | |
secrets: inherit | |
with: | |
artifact: ${{ matrix.config.artifact }} | |
tags: | | |
quay.io/keptn/${{ matrix.config.artifact }}:${{ needs.release-please.outputs.tag_name }} | |
ghcr.io/keptn/${{ matrix.config.artifact }}:${{ needs.release-please.outputs.tag_name }} | |
should-run: ${{ matrix.config.should-run }} | |
should-push-image: ${{ matrix.config.should-push-image }} | |
docker-test-target: ${{ matrix.config.docker-test-target }} | |
working-dir: ${{ matrix.config.working-dir }} | |
version: ${{ needs.release-please.outputs.tag_name }} | |
datetime: ${{ needs.prepare.outputs.datetime }} | |
gitSha: ${{ needs.prepare.outputs.git_sha }} | |
build-installer: ${{ needs.prepare.outputs.BUILD_INSTALLER }} | |
build-everything: "true" | |
release-build: "true" | |
############################################################################ | |
# Build Helm Charts (only relevant for build_everything) | |
############################################################################ | |
build-helm-charts: | |
needs: [release-please, prepare] | |
name: Build Helm Charts | |
uses: ./.github/workflows/build-helm-charts.yml | |
secrets: inherit | |
with: | |
branch: ${{ needs.prepare.outputs.branch }} | |
version: ${{ needs.release-please.outputs.tag_name }} | |
keptn-spec-version: ${{ needs.prepare.outputs.keptn-spec-version }} | |
release: true | |
############################################################################ | |
# Build CLI | |
############################################################################ | |
build-cli: | |
needs: [release-please, prepare] | |
uses: ./.github/workflows/build-cli.yml | |
with: | |
branch: ${{ needs.prepare.outputs.branch }} | |
version: ${{ needs.release-please.outputs.tag_name }} | |
release: true | |
############################################################################ | |
# Release | |
############################################################################ | |
release: | |
name: "Release" | |
runs-on: ubuntu-22.04 | |
needs: [release-please, prepare, docker_build, build-helm-charts, build-cli] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
path: keptn | |
token: ${{ secrets.KEPTN_BOT_TOKEN }} | |
- name: Checkout helm-charts repo | |
uses: actions/checkout@v4 | |
with: | |
repository: keptn/helm-charts | |
path: helm-charts | |
ref: gh-pages | |
token: ${{ secrets.KEPTN_BOT_TOKEN }} | |
- name: Set up Node.js | |
uses: actions/setup-node@v3.8.2 | |
with: | |
node-version: ${{ env.NODE_VERSION }} | |
- name: Configure Git | |
env: | |
KEPTN_BOT_NAME: ${{ env.KEPTN_BOT_NAME }} | |
KEPTN_BOT_EMAIL: ${{ env.KEPTN_BOT_EMAIL }} | |
run: | | |
git config --global user.name "$KEPTN_BOT_NAME" | |
git config --global user.email "$KEPTN_BOT_EMAIL" | |
- name: Download Release Artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
path: ./dist | |
- name: Get k8s resource stats | |
working-directory: keptn | |
env: | |
HELM_TEMPLATE: template.yml | |
RESOURCE_JSON: resources.json | |
RESOURCE_MARKDOWN: resources.md | |
RELEASE_NOTES_FILE: ${{ env.RELEASE_NOTES_FILE }} | |
run: ./gh-actions-scripts/generate-k8s-resource-stats.sh | |
- name: Upload Release Assets | |
working-directory: keptn | |
env: | |
GITHUB_TOKEN: ${{ secrets.KEPTN_BOT_TOKEN }} | |
RELEASE_TAG: ${{ needs.release-please.outputs.tag_name }} | |
run: | | |
gh release upload "$RELEASE_TAG" ../dist/keptn-installer/*.tgz | |
gh release upload "$RELEASE_TAG" ../dist/keptn-installer/*.tgz.prov | |
gh release upload "$RELEASE_TAG" ../dist/keptn-cli/*.tar.gz | |
- name: Upload helm charts | |
env: | |
GITHUB_TOKEN: ${{ secrets.KEPTN_BOT_TOKEN }} | |
RELEASE_TAG: ${{ needs.release-please.outputs.tag_name }} | |
run: | | |
mv ./dist/keptn-installer/*.tgz ./helm-charts/packages | |
mv ./dist/keptn-installer/*.tgz.prov ./helm-charts/packages | |
cd ./helm-charts | |
helm repo index ./ --url https://charts.keptn.sh/ --merge ./index.yaml | |
git add *.tgz | |
git add index.yaml | |
git commit --signoff -m "Keptn Release $RELEASE_TAG" | |
git push | |
- name: Attach container image digests to release | |
working-directory: keptn | |
env: | |
GITHUB_TOKEN: ${{ secrets.KEPTN_BOT_TOKEN }} | |
DIGEST_FILE: "digests.csv" | |
RELEASE_TAG: ${{ needs.release-please.outputs.tag_name }} | |
run: | | |
cat ../dist/image-digests/digest-*.txt >> $DIGEST_FILE | |
gh release upload "$RELEASE_TAG" "$DIGEST_FILE" | |
- name: Attach Helm provenance public key to release | |
working-directory: keptn | |
env: | |
GITHUB_TOKEN: ${{ secrets.KEPTN_BOT_TOKEN }} | |
RELEASE_TAG: ${{ needs.release-please.outputs.tag_name }} | |
run: gh release upload "$RELEASE_TAG" './assets/pubring.gpg' | |
generate-sboms: | |
name: Generate SBOMs | |
runs-on: ubuntu-22.04 | |
needs: [release-please, prepare, docker_build] | |
strategy: | |
matrix: ${{ fromJson(needs.prepare.outputs.BUILD_MATRIX) }} | |
steps: | |
- name: Generate SBOM | |
uses: anchore/sbom-action@v0.14.3 | |
with: | |
image: ghcr.io/keptn/${{ matrix.config.artifact }}:${{ needs.release-please.outputs.tag_name }} | |
artifact-name: sbom-${{ matrix.config.artifact }}-${{ needs.release-please.outputs.tag_name }} | |
output-file: ./sbom-${{ matrix.config.artifact }}-${{ needs.release-please.outputs.tag_name }}.spdx.json | |
- name: Attach SBOM to release | |
uses: softprops/action-gh-release@v1 | |
with: | |
tag_name: ${{ needs.release-please.outputs.tag_name }} | |
files: ./sbom-${{ matrix.config.artifact }}-${{ needs.release-please.outputs.tag_name }}.spdx.json |