feature: add release automation workflows (#2224)
* feature: add release automation workflows * deactivate provenancee because of behaviour change with buildx v0.10.0 * add changelog section extraction for github release notes * fix registry path; fix EOF * use correct version of golangci-lint; add additional workflow step for fetching all dependencies
This commit is contained in:
parent
f88f09f962
commit
2df301cc21
117
.github/workflows/create-release.yml
vendored
Normal file
117
.github/workflows/create-release.yml
vendored
Normal file
@ -0,0 +1,117 @@
|
||||
name: Create Release
|
||||
run-name: Create release ${{ inputs.version }}
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
version:
|
||||
description: 'Version for new release'
|
||||
required: true
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
ref: master
|
||||
fetch-depth: 0
|
||||
fetch-tags: true
|
||||
|
||||
- name: Validate version
|
||||
id: validate
|
||||
run: |
|
||||
function ver { printf "%03d%03d%03d%03d" $(echo "$1" | tr '.' ' '); }
|
||||
|
||||
NEW_VERSION=${{ inputs.version }}
|
||||
NEW_VERSION=${NEW_VERSION#v} # Remove v prefix
|
||||
|
||||
LATEST_VERSION=$(git describe --abbrev=0 --tags)
|
||||
LATEST_VERSION=${LATEST_VERSION#v} # Remove v prefix
|
||||
|
||||
# check that new version can be parsed
|
||||
if [ ! $(ver $NEW_VERSION ) -gt $(ver 0) ]; then
|
||||
echo "::error::Entered version '${{ inputs.version }}' cannot be parsed"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# check version continuity
|
||||
if [ ! $(ver $LATEST_VERSION) -lt $(ver $NEW_VERSION) ]; then
|
||||
echo "::error::Entered version '${{ inputs.version }}' is smaller then latest version $LATEST_VERSION"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "version=${NEW_VERSION}" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Prepare Github Actions Bot
|
||||
run: |
|
||||
git config --local user.name "github-actions[bot]"
|
||||
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
||||
|
||||
- name: Setup node
|
||||
uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: latest
|
||||
|
||||
- name: Update documentation
|
||||
run: |
|
||||
cd docs
|
||||
|
||||
FULL_VERSION=${{ steps.validate.outputs.version }}
|
||||
VERSION=${FULL_VERSION%.*}.x
|
||||
|
||||
if [ ! -d "versioned_docs/version-${VERSION}" ]; then
|
||||
npm ci
|
||||
npm run docusaurus docs:version ${VERSION}
|
||||
|
||||
git add .
|
||||
git commit -m "add new docs version ${VERSION}"
|
||||
fi
|
||||
|
||||
sed -i "s/(current release is .*)/(current release is \`v${FULL_VERSION}\`)/g" docs/installation.md
|
||||
sed -i "s/(current release is .*)/(current release is \`v${FULL_VERSION}\`)/g" versioned_docs/version-${VERSION}/installation.md
|
||||
|
||||
- name: Update Changelog
|
||||
run: |
|
||||
VERSION=${{ steps.validate.outputs.version }}
|
||||
|
||||
sed -i "s/#.*(Pre-release)/# V${VERSION}/g" CHANGELOG.md
|
||||
|
||||
cat << EOF > /tmp/CHANGELOG.prepend
|
||||
# Vx.x.x (Pre-release)
|
||||
|
||||
## Release Highlights
|
||||
|
||||
## Important Notes
|
||||
|
||||
## Breaking Changes
|
||||
EOF
|
||||
|
||||
echo -e "$(cat /tmp/CHANGELOG.prepend)\n\n$(cat CHANGELOG.md)" > CHANGELOG.md
|
||||
|
||||
- name: Update development files
|
||||
run: |
|
||||
VERSION=${{ steps.validate.outputs.version }}
|
||||
cd contrib
|
||||
grep -rl "quay.io/oauth2-proxy/oauth2-proxy:" | \
|
||||
xargs sed -i "s#quay.io/oauth2-proxy/oauth2-proxy:v[0-9]\+\.[0-9]\+\.[0-9]\+#quay.io/oauth2-proxy/oauth2-proxy:v${VERSION}#g"
|
||||
|
||||
- name: Commit and push
|
||||
run: |
|
||||
VERSION=${{ steps.validate.outputs.version }}
|
||||
|
||||
git checkout -b release/v${VERSION}
|
||||
git commit -am "update to release version v${VERSION}"
|
||||
git push -u origin release/v${VERSION}
|
||||
|
||||
- name: Create PR
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: |
|
||||
VERSION=v${{ steps.validate.outputs.version }}
|
||||
gh pr create -B master -H release/${VERSION} --title "release ${VERSION}" --body "Release branch and changes created by GitHub Actions. This PR should include changes to the docs, CHANGELOG and local environment files."
|
126
.github/workflows/publish-release.yml
vendored
Normal file
126
.github/workflows/publish-release.yml
vendored
Normal file
@ -0,0 +1,126 @@
|
||||
name: Publish Release
|
||||
run-name: ${{ github.event.pull_request.head.ref }}
|
||||
|
||||
on:
|
||||
pull_request_target:
|
||||
branches:
|
||||
- master
|
||||
types:
|
||||
- closed
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
publish:
|
||||
if: github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/')
|
||||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
tag: ${{ steps.tag.outputs.version }}
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.merge_commit_sha }}
|
||||
fetch-depth: 0
|
||||
fetch-tags: true
|
||||
|
||||
- name: Tag release
|
||||
run: |
|
||||
# Set up github-actions[bot] user
|
||||
git config --local user.name "github-actions[bot]"
|
||||
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
||||
|
||||
# Get the version from the branch name
|
||||
branch="${{ github.event.pull_request.head.ref }}"
|
||||
version="${branch#release/}"
|
||||
echo ${version}
|
||||
|
||||
# Tag and create release
|
||||
git tag -a "${version}" -m "Release ${version}"
|
||||
echo "version=${version}" >> $GITHUB_OUTPUT
|
||||
id: tag
|
||||
|
||||
- name: Set up go
|
||||
uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: 1.19
|
||||
|
||||
- name: Get dependencies
|
||||
run: |
|
||||
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.50.0
|
||||
curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
|
||||
chmod +x ./cc-test-reporter
|
||||
|
||||
# Install go depedencies
|
||||
go mod download
|
||||
|
||||
- name: Build Artifacts
|
||||
run: make release
|
||||
|
||||
# Upload artifacts in case of workflow failure
|
||||
- name: Upload Artifacts
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: oauth2-proxy-artifacts
|
||||
path: |
|
||||
release/*.tar.gz
|
||||
release/*.txt
|
||||
|
||||
- name: Create release
|
||||
env:
|
||||
GH_TOKEN: ${{ github.token }}
|
||||
run: |
|
||||
# Get version from tag
|
||||
version=$(git describe --tags --abbrev=0)
|
||||
|
||||
# Extract CHANGELOG
|
||||
numericVersion="${version#v}"
|
||||
notes=$(sed -E "/^# (v|V)$numericVersion$/,/^# (v|V)/!d;//d" CHANGELOG.md)
|
||||
|
||||
# Publish release tag
|
||||
git push origin "${version}"
|
||||
|
||||
# Create github release
|
||||
gh release create "${version}" \
|
||||
--title "${version}" \
|
||||
--notes "${notes}" \
|
||||
--prerelease
|
||||
|
||||
# Upload artifacts
|
||||
gh release upload "${version}" release/*.tar.gz
|
||||
gh release upload "${version}" release/*.txt
|
||||
|
||||
docker:
|
||||
needs: publish
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
ref: ${{ needs.publish.outputs.tag }}
|
||||
fetch-depth: 0
|
||||
fetch-tags: true
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: Login to quay.io
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: quay.io/oauth2-proxy
|
||||
username: ${{ secrets.REGISTRY_USERNAME }}
|
||||
password: ${{ secrets.REGISTRY_PASSWORD }}
|
||||
|
||||
- name: Build images
|
||||
run: |
|
||||
make docker-all
|
||||
|
||||
- name: Push images
|
||||
run: |
|
||||
make docker-push-all
|
@ -1,5 +1,7 @@
|
||||
# Release
|
||||
|
||||
The is a legacy document to explain the manual process of creating and publishing a new release of oauth2-proxy. As of now the release process has been automated with GitHub Actions workflows. For more information have a look at the workflows `create-release.yml` and `publish-release.yml`.
|
||||
|
||||
Here's how OAuth2 Proxy releases are created.
|
||||
|
||||
## Schedule
|
||||
|
Loading…
Reference in New Issue
Block a user