opentelemetry-collector-releases/.github/workflows/base-binary-release.yaml at fb42400880824198a460d2f63175a0cba0fdf348 · open-telemetry/opentelemetry-collector-releases · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: Reusable binary release workflow
on:
  workflow_call:
    inputs:
      binary:
        required: true
        type: string
        description: "Which binary to release. Possible options: ['builder', 'opampsupervisor']"
      collector-dependency:
        required: false
        type: string
        default: ""
        description: "Set this to the repo slug of collector core or contrib to check out if it's needed as a dependency"
      dependency-target-folder:
        required: false
        type: string
        default: ""
        description: "The collector dependency will be put into this folder"

env:
  # renovate: datasource=github-releases depName=goreleaser/goreleaser-pro
  GORELEASER_PRO_VERSION: v2.11.2

jobs:
  goreleaser:
    runs-on: ubuntu-latest

    permissions:
      id-token: write
      packages: write
      contents: write

    steps:
      - name: Checkout Releases Repo
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          fetch-depth: 0

      - name: Set goreleaser last tag reference in case of non-nightly release
        id: prev-tag
        if: ${{ !contains(github.ref, '-nightly') }}
        # find previous tag by taking only binary tags, filtering out nightly tags and then choosing the
        # second to last tag (last one is the current release)
        run: |
          prev_tag=$(git tag | grep "cmd/${{ inputs.binary }}" | grep -v "nightly" | sort -r --version-sort | head -n 2 | tail -n 1)
          current_tag="cmd/${{ inputs.binary }}/${{ github.ref }}"
          echo "PREVIOUS_RELEASE_TAG=$prev_tag" >> "$GITHUB_OUTPUT"
          echo "CURRENT_TAG=$current_tag" >> "$GITHUB_OUTPUT"

      - name: Set nightly enabled
        id: nightly-check
        if: ${{ contains(github.ref, '-nightly') }}
        run: |
          echo "NIGHTLY_FLAG=--nightly" >> "$GITHUB_OUTPUT"

      - name: Set COLLECTOR_REF
        id: collector-ref
        run: |
          if [ '${{ contains(github.ref, '-nightly') }}' == 'true' ]; then
            echo "COLLECTOR_REF=main" >> "$GITHUB_OUTPUT"
          else
            echo "COLLECTOR_TAG=${{ github.ref }}" >> "$GITHUB_OUTPUT"
          fi

      - name: Push ${{ inputs.binary }} Tag
        run: |
          tag="cmd/${{ inputs.binary }}/${{ github.ref_name }}"
          message="Releasing ${{ inputs.binary }} binaries for ${{ steps.collector-ref.outputs.COLLECTOR_REF }}"
          git config user.name "${GITHUB_ACTOR}"
          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
          git tag -a "${tag}" -m "${message}"
          git push origin "${tag}"

      - name: Checkout Collector dependency repo
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          fetch-depth: 0
          repository: ${{ inputs.collector-dependency }}
          ref: ${{ steps.collector-ref.outputs.COLLECTOR_REF }}
          path: ${{ inputs.dependency-target-folder }}

      - name: Copy Dockerfile to Collector dependency directory
        run: cp cmd/${{ inputs.binary }}/Dockerfile ${{ inputs.dependency-target-folder }}/cmd/${{ inputs.binary }}/Dockerfile

      - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2

      - uses: anchore/sbom-action/download-syft@7b36ad622f042cab6f59a75c2ac24ccb256e9b45 # v0.20.4

      - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
        with:
          platforms: amd64,arm64,ppc64le,riscv64

      - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1

      - name: Setup Go
        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
        with:
          go-version: "~1.24"

      - name: Log into Docker.io
        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
        with:
          username: ${{ vars.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_TOKEN_COLLECTOR_RELEASES }}

      - name: Login to GitHub Package Registry
        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # v6.3.0
        with:
          distribution: goreleaser-pro
          version: ${{ env.GORELEASER_PRO_VERSION }}
          args: release --clean -f cmd/${{ inputs.binary }}/.goreleaser.yaml ${{ steps.nightly-check.outputs.NIGHTLY_FLAG }}
        env:
          GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          COSIGN_YES: true
          SKIP_SIGNS: false
          GORELEASER_PREVIOUS_TAG: ${{ steps.prev-tag.outputs.PREVIOUS_RELEASE_TAG }}
          GORELEASER_CURRENT_TAG: ${{ steps.prev-tag.outputs.CURRENT_TAG }}