push 1.0.1 to new repo #215
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - push-prod-image-to-new-repo | |
| permissions: | |
| contents: write | |
| packages: write | |
| checks: write | |
| pull-requests: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| TOOLS_PATH: "/opt/tools/bin" | |
| VERSION: 1.0.1 | |
| RELEASE_TYPE: major | |
| # version in format "X.Y" which is going to be updated with each patch release | |
| FLOATING_TAG: '' | |
| # branch name in format "release-X.Y" | |
| BRANCH_NAME: '' | |
| # GitHub tag name to use for the RC/Release | |
| GH_TAG: '' | |
| # Shows if this workflow is triggered for RC or Release | |
| IS_RC: 0 | |
| ARCH: '' | |
| OS: '' | |
| steps: | |
| - name: Validate input | |
| run: | | |
| if [[ ! $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+(-rc[1-9][0-9]*)?$ ]]; then | |
| echo "Wrong version format provided, please use "X.Y.Z-rcN" format for an RC or "X.Y.Z" format for a release" | |
| exit 1 | |
| fi | |
| - name: Set environment variables | |
| run: | | |
| floating_tag=${VERSION%.*} | |
| echo "FLOATING_TAG=$floating_tag" >> $GITHUB_ENV | |
| echo "BRANCH_NAME=release-$floating_tag" >> $GITHUB_ENV | |
| echo "GH_TAG=v$VERSION" >> $GITHUB_ENV | |
| if [[ ! $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| echo "IS_RC=1" >> $GITHUB_ENV | |
| fi | |
| echo "ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')" >> $GITHUB_ENV | |
| echo "OS=$(uname | awk '{print tolower($0)}')" >> $GITHUB_ENV | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Everest - check out | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.ROBOT_TOKEN }} | |
| - name: Everest - setup golang | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: './go.mod' | |
| - name: Everest - create and update release branch | |
| run: | | |
| git fetch | |
| git checkout v1.0.1 | |
| - name: Everest UI - setup pnpm | |
| uses: pnpm/action-setup@v3 | |
| with: | |
| version: 8 | |
| - name: Everest UI - run with Node 20 | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20.x | |
| cache: 'pnpm' | |
| cache-dependency-path: ui/pnpm-lock.yaml | |
| - name: Everest UI - build | |
| run: | | |
| cd ui | |
| pnpm install | |
| EVEREST_OUT_DIR=${GITHUB_WORKSPACE}/public/dist/ pnpm build | |
| - name: Everest - build binary | |
| run: | | |
| CGO_ENABLED=0 GOOS=linux GOARCH=amd64 make release | |
| - name: Everest - setup docker build metadata | |
| uses: docker/metadata-action@v5 | |
| id: everest_meta | |
| with: | |
| images: | | |
| percona/everest,enable=${{ env.IS_RC == 0 }} | |
| tags: | | |
| type=raw,value=${{ env.VERSION }} | |
| type=raw,value=latest | |
| type=raw,value=${{ env.FLOATING_TAG }},enable=${{ env.IS_RC == 0 }} | |
| - name: Everest - build Everest image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: false | |
| tags: ${{ steps.everest_meta.outputs.tags }} | |
| - name: Everest - set everest image to scan | |
| id: set_everest_image | |
| run: | | |
| # taking the first tag to check with trivy. Since the build is the same, no need to check the rest of them | |
| echo "::set-output name=image_to_check::$(echo "${{ steps.everest_meta.outputs.tags }}" | head -n 1)" | |
| # TODO: fix the vulnerabilities in main and enable this check | |
| # - name: Everest - run Trivy vulnerability scanner | |
| # uses: aquasecurity/[email protected] | |
| # with: | |
| # image-ref: ${{ steps.set_everest_image.outputs.image_to_check }} | |
| # format: 'table' | |
| # exit-code: '1' | |
| # severity: 'CRITICAL,HIGH' | |
| - name: Everest - push Everest image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.everest_meta.outputs.tags }} | |