generated from CDCgov/template
-
Notifications
You must be signed in to change notification settings - Fork 2
111 lines (98 loc) · 3.68 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
name: "release"
# This workflow handles two different scenarios:
# 1. Merging a pull request into main:
# - creation of a draft release
# 2. Pushing a version tag:
# - creation of a published release
# - building and pushing of a new Docker image to ghcr.io
on:
push:
branches: [main]
tags:
- "v*.*.*"
jobs:
update_release:
runs-on: ubuntu-latest
permissions:
contents: "read"
id-token: "write"
packages: "write"
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch all history for tags
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Next tag
run: |
# Get the tag that triggered the workflow
tag=${GITHUB_REF#refs/tags/}
# Test if the tag is a version tag
if [[ "$tag" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
next_tag=$tag
else
next_tag=$(scripts/next_tag.sh)
fi
echo "Next tag: $next_tag"
echo "NEXT_TAG=$next_tag" >> $GITHUB_ENV
- name: Optionally delete the existing draft release
run: |
# Get existing draft release (if any)
response=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/repos/${{ github.repository }}/releases")
# Check if there is a draft release
draft_release=$(echo "$response" | jq '.[] | select(.draft == true)')
if [[ -n "$draft_release" ]]; then
# Delete the existing draft release
draft_release_id=$(echo "$draft_release" | jq -r '.id')
echo "Deleting draft release: ${draft_release_id}"
curl -s -X DELETE \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-H "Accept: application/vnd.github+json" \
"https://api.github.com/repos/${{ github.repository }}/releases/${draft_release_id}"
fi
- name: Create the release
run: |
# If the tag ends in -rc.*, then its a draft release
if [[ "${{ env.NEXT_TAG }}" =~ -rc\.[0-9]+$ ]]; then
echo "Creating a draft release"
draft=true
else
echo "Creating a published release"
draft=false
fi
# Create a new release
curl -s -X POST \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-H "Accept: application/vnd.github+json" \
-d @- "https://api.github.com/repos/${{ github.repository }}/releases" <<EOF
{
"tag_name": "${{ env.NEXT_TAG }}",
"target_commitish": "main",
"name": "${{ env.NEXT_TAG }}",
"generate_release_notes": true,
"draft": ${draft}
}
EOF
- name: Log in to GitHub Container Registry
uses: docker/login-action@v2
if: startsWith(github.ref, 'refs/tags/v')
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Convert repository name to lowercase
if: startsWith(github.ref, 'refs/tags/v')
run: echo "PACKAGE_NAME=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
if: startsWith(github.ref, 'refs/tags/v')
with:
platforms: linux/amd64,linux/arm64
push: true
cache-from: type=gha
cache-to: type=gha,mode=max
tags: |
ghcr.io/${{ env.PACKAGE_NAME }}:latest
ghcr.io/${{ env.PACKAGE_NAME }}:${{ env.NEXT_TAG }}