Skip to content

Commit 467e598

Browse files
committed
use one workflow file
1 parent b153991 commit 467e598

2 files changed

Lines changed: 82 additions & 85 deletions

File tree

.github/workflows/delivery.yml

Lines changed: 82 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -3,19 +3,81 @@ name: Delivery
33
on:
44
push:
55
branches: [main]
6-
tags: ['v[0-9]+.[0-9]+.[0-9]+']
76
pull_request:
87
branches: [main]
98
workflow_dispatch:
109

11-
permissions:
12-
contents: read
13-
packages: write
14-
security-events: write
15-
1610
jobs:
11+
release-plz:
12+
if: github.event_name != 'pull_request'
13+
runs-on: ubuntu-latest
14+
permissions:
15+
contents: write
16+
pull-requests: write
17+
id-token: write
18+
outputs:
19+
tag: ${{ steps.tag.outputs.tag }}
20+
is_release: ${{ steps.tag.outputs.is_release }}
21+
steps:
22+
- name: Checkout repository
23+
uses: actions/checkout@v6
24+
with:
25+
fetch-depth: 0
26+
persist-credentials: false
27+
28+
- name: Install Rust toolchain
29+
uses: dtolnay/rust-toolchain@stable
30+
31+
- name: Run release-plz release
32+
uses: release-plz/action@v0.5
33+
with:
34+
command: release
35+
env:
36+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
37+
# CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
38+
39+
- name: Detect release tag
40+
id: tag
41+
run: |
42+
git fetch --tags
43+
TAG=$(git tag --points-at HEAD | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+' | head -1)
44+
echo "tag=${TAG}" >> "$GITHUB_OUTPUT"
45+
echo "is_release=$([[ -n "${TAG}" ]] && echo true || echo false)" >> "$GITHUB_OUTPUT"
46+
47+
release-plz-pr:
48+
needs: release-plz
49+
runs-on: ubuntu-latest
50+
permissions:
51+
contents: write
52+
pull-requests: write
53+
concurrency:
54+
group: release-plz-${{ github.ref }}
55+
cancel-in-progress: false
56+
steps:
57+
- name: Checkout repository
58+
uses: actions/checkout@v6
59+
with:
60+
fetch-depth: 0
61+
persist-credentials: false
62+
63+
- name: Install Rust toolchain
64+
uses: dtolnay/rust-toolchain@stable
65+
66+
- name: Run release-plz release-pr
67+
uses: release-plz/action@v0.5
68+
with:
69+
command: release-pr
70+
env:
71+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
72+
# CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
73+
1774
build-amd64:
1875
runs-on: ubuntu-latest
76+
needs: [release-plz]
77+
if: always() && (needs.release-plz.result == 'success' || needs.release-plz.result == 'skipped')
78+
permissions:
79+
packages: write
80+
security-events: write
1981
outputs:
2082
digest: ${{ steps.build.outputs.digest }}
2183
steps:
@@ -27,7 +89,7 @@ jobs:
2789
- name: Select build profile
2890
id: config
2991
run: |
30-
if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
92+
if [[ "${{ needs.release-plz.outputs.is_release }}" == "true" ]]; then
3193
echo "profile=release" >> "$GITHUB_OUTPUT"
3294
else
3395
echo "profile=edge" >> "$GITHUB_OUTPUT"
@@ -54,7 +116,7 @@ jobs:
54116
tags: ghcr.io/${{ github.repository }}:build-${{ github.run_id }}-amd64
55117
build-args: CARGO_PROFILE=${{ steps.config.outputs.profile }}
56118
cache-from: type=gha,scope=build-amd64
57-
cache-to: type=gha,mode=max,scope=build-arm64
119+
cache-to: type=gha,mode=max,scope=build-amd64
58120

59121
- name: Scan image
60122
uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2
@@ -74,6 +136,10 @@ jobs:
74136

75137
build-arm64:
76138
runs-on: ubuntu-24.04-arm
139+
needs: [release-plz]
140+
if: always() && (needs.release-plz.result == 'success' || needs.release-plz.result == 'skipped')
141+
permissions:
142+
packages: write
77143
outputs:
78144
digest: ${{ steps.build.outputs.digest }}
79145
steps:
@@ -85,7 +151,7 @@ jobs:
85151
- name: Select build profile
86152
id: config
87153
run: |
88-
if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
154+
if [[ "${{ needs.release-plz.outputs.is_release }}" == "true" ]]; then
89155
echo "profile=release" >> "$GITHUB_OUTPUT"
90156
else
91157
echo "profile=edge" >> "$GITHUB_OUTPUT"
@@ -116,33 +182,20 @@ jobs:
116182

117183
merge:
118184
runs-on: ubuntu-latest
119-
needs: [build-amd64, build-arm64]
185+
needs: [release-plz, build-amd64, build-arm64]
186+
if: always() && (needs.build-amd64.result == 'success' && needs.build-arm64.result == 'success')
187+
permissions:
188+
packages: write
120189
steps:
121-
- name: Checkout
122-
uses: actions/checkout@v6
123-
with:
124-
fetch-depth: 0
125-
126-
- name: Detect release tag on HEAD
127-
id: release
128-
run: |
129-
if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
130-
TAG="${{ github.ref_name }}"
131-
else
132-
TAG=""
133-
fi
134-
echo "tag=${TAG}" >> "$GITHUB_OUTPUT"
135-
echo "is_release=$([[ -n "${TAG}" ]] && echo true || echo false)" >> "$GITHUB_OUTPUT"
136-
137190
- name: Docker meta
138191
id: meta
139192
uses: docker/metadata-action@v6
140193
with:
141194
images: ghcr.io/${{ github.repository }}
142195
tags: |
143-
type=semver,pattern={{version}},value=${{ steps.release.outputs.tag }},enable=${{ steps.release.outputs.is_release == 'true' }}
144-
type=semver,pattern={{major}}.{{minor}},value=${{ steps.release.outputs.tag }},enable=${{ steps.release.outputs.is_release == 'true' }}
145-
type=edge,enable=${{ steps.release.outputs.is_release != 'true' }}
196+
type=semver,pattern={{version}},value=${{ needs.release-plz.outputs.tag }},enable=${{ needs.release-plz.outputs.is_release == 'true' }}
197+
type=semver,pattern={{major}}.{{minor}},value=${{ needs.release-plz.outputs.tag }},enable=${{ needs.release-plz.outputs.is_release == 'true' }}
198+
type=edge,enable=${{ needs.release-plz.outputs.is_release != 'true' }}
146199
type=ref,event=pr
147200
type=ref,event=branch,enable=${{ github.event_name == 'workflow_dispatch' }}
148201

.github/workflows/release-plz.yml

Lines changed: 0 additions & 56 deletions
This file was deleted.

0 commit comments

Comments
 (0)