Skip to content

Merge pull request #347 from cert-manager/dependabot/go_modules/all-5… #2

Merge pull request #347 from cert-manager/dependabot/go_modules/all-5…

Merge pull request #347 from cert-manager/dependabot/go_modules/all-5… #2

Workflow file for this run

name: release
on:
push:
tags:
- "v*"
env:
VERSION: ${{ github.ref_name }}
jobs:
build_images:
runs-on: ubuntu-latest
permissions:
contents: read # needed for checkout
packages: write # needed for push images
id-token: write # needed for keyless signing
steps:
- uses: actions/checkout@v4
- uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
- id: release
run: make release
- uses: actions/upload-artifact@v4
with:
name: trust-manager-${{ env.VERSION }}.tgz
path: ${{ steps.release.outputs.RELEASE_HELM_CHART_TAR }}
outputs:
RELEASE_OCI_MANAGER_IMAGE: ${{ steps.release.outputs.RELEASE_OCI_MANAGER_IMAGE }}
RELEASE_OCI_MANAGER_TAG: ${{ steps.release.outputs.RELEASE_OCI_MANAGER_TAG }}
RELEASE_OCI_PACKAGE_DEBIAN_IMAGE: ${{ steps.release.outputs.RELEASE_OCI_PACKAGE_DEBIAN_IMAGE }}
RELEASE_OCI_PACKAGE_DEBIAN_TAG: ${{ steps.release.outputs.RELEASE_OCI_PACKAGE_DEBIAN_TAG }}
RELEASE_HELM_CHART_NAME: ${{ steps.release.outputs.RELEASE_HELM_CHART_NAME }}
RELEASE_HELM_CHART_VERSION: ${{ steps.release.outputs.RELEASE_HELM_CHART_VERSION }}
github_release:
runs-on: ubuntu-latest
needs: build_images
permissions:
contents: write # needed for creating a PR
pull-requests: write # needed for creating a PR
steps:
- run: |
touch .notes-file
echo "OCI_MANAGER_IMAGE: ${{ needs.build_images.outputs.RELEASE_OCI_MANAGER_IMAGE }}" >> .notes-file
echo "OCI_MANAGER_TAG: ${{ needs.build_images.outputs.RELEASE_OCI_MANAGER_TAG }}" >> .notes-file
echo "OCI_PACKAGE_DEBIAN_IMAGE: ${{ needs.build_images.outputs.RELEASE_OCI_PACKAGE_DEBIAN_IMAGE }}" >> .notes-file
echo "OCI_PACKAGE_DEBIAN_TAG: ${{ needs.build_images.outputs.RELEASE_OCI_PACKAGE_DEBIAN_TAG }}" >> .notes-file
echo "HELM_CHART_NAME: ${{ needs.build_images.outputs.RELEASE_HELM_CHART_NAME }}" >> .notes-file
echo "HELM_CHART_VERSION: ${{ needs.build_images.outputs.RELEASE_HELM_CHART_VERSION }}" >> .notes-file
- id: chart_download
uses: actions/download-artifact@v4
with:
name: trust-manager-${{ env.VERSION }}.tgz
- env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release create "$VERSION" \
--repo="$GITHUB_REPOSITORY" \
--title="${GITHUB_REPOSITORY#*/} ${VERSION#v}" \
--draft \
--verify-tag \
--notes-file .notes-file
gh release upload "$VERSION" \
--repo="$GITHUB_REPOSITORY" \
"${{ steps.chart_download.outputs.download-path }}/trust-manager-$VERSION.tgz"