-
Notifications
You must be signed in to change notification settings - Fork 1.4k
129 lines (109 loc) · 3.79 KB
/
post-tag.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: Post Tag
on:
push:
tags:
- "*"
jobs:
generate:
name: Generate Code
runs-on: ubuntu-24.04
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
token: ${{ secrets.GH_PUSH_TOKEN }}
- name: Generate
run: make clean generate
release-build:
name: Release Build (linux, windows)
runs-on: ubuntu-24.04
needs: generate
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
fetch-tags: true
- name: Git Describe
run: git describe --tags
- name: Build Linux and Windows
run: make ci-go-ci-build-linux ci-go-ci-build-linux-static ci-go-ci-build-windows
timeout-minutes: 30
env:
TELEMETRY_URL: ${{ secrets.TELEMETRY_URL }}
- name: Build Linux arm64
run: make ci-go-ci-build-linux-static
timeout-minutes: 30
env:
GOARCH: arm64
TELEMETRY_URL: ${{ secrets.TELEMETRY_URL }}
- name: Upload binaries
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
if: always()
with:
name: binaries-linux-windows
path: _release
release-build-darwin:
name: Release Build (darwin)
runs-on: macos-14
needs: generate
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
fetch-tags: true
- name: Git Describe
run: git describe --tags
- id: go_version
name: Read go version
run: echo "go_version=$(cat .go-version)" >> $GITHUB_OUTPUT
- name: Install Go (${{ steps.go_version.outputs.go_version }})
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
with:
go-version: ${{ steps.go_version.outputs.go_version }}
- name: Build Darwin
run: |
make ci-build-darwin GOARCH=amd64
make ci-build-darwin-arm64-static
timeout-minutes: 30
env:
TELEMETRY_URL: ${{ secrets.TELEMETRY_URL }}
- name: Upload binaries (darwin)
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
if: always()
with:
name: binaries-darwin
path: _release
build:
name: Push Latest Release
needs: [release-build, release-build-darwin]
runs-on: ubuntu-24.04
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set TAG_NAME in Environment
# Subsequent jobs will be have the computed tag name
run: echo "TAG_NAME=${GITHUB_REF##*/}" >> $GITHUB_ENV
- name: Download release binaries
uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
with:
pattern: binaries-*
merge-multiple: true
path: _release
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
- name: Build and Deploy OPA Docker Images
id: build-and-deploy
env:
DOCKER_USER: ${{ secrets.DOCKER_USER }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }}
# Only run if required secrets are provided
if: ${{ env.DOCKER_USER && env.DOCKER_PASSWORD }}
run: make release-ci
- name: Create or Update Release
env:
# Required for the GitHub CLI
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: ./build/github-release.sh --asset-dir=$(make release-dir) --tag=${TAG_NAME}