Update module github.com/go-openapi/swag to v0.25.1 (#38) #79
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - 'v*.*.*' | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| GO_VERSION: '1.25.1' | |
| jobs: | |
| build-image: | |
| name: Build and Push Image | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| outputs: | |
| digest: ${{ steps.build.outputs.digest }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| version: ${{ steps.version.outputs.version }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Extract version | |
| id: version | |
| run: | | |
| if [[ $GITHUB_REF == refs/tags/* ]]; then | |
| VERSION=${GITHUB_REF#refs/tags/v} | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "is_release=true" >> $GITHUB_OUTPUT | |
| echo "Version: $VERSION" | |
| else | |
| echo "version=0.0.0-latest" >> $GITHUB_OUTPUT | |
| echo "is_release=false" >> $GITHUB_OUTPUT | |
| echo "Version: 0.0.0-latest (development)" | |
| fi | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=raw,value=latest | |
| type=sha,prefix=sha- | |
| - name: Build and push Docker image | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| provenance: false | |
| sbom: false | |
| - name: Verify build success | |
| run: | | |
| if [[ -z "${{ steps.build.outputs.digest }}" ]]; then | |
| echo "❌ Docker build failed - no digest generated" | |
| exit 1 | |
| fi | |
| echo "✅ Docker build successful" | |
| echo "Digest: ${{ steps.build.outputs.digest }}" | |
| - name: Install cosign | |
| uses: sigstore/[email protected] | |
| - name: Sign container image | |
| env: | |
| DIGEST: ${{ steps.build.outputs.digest }} | |
| TAGS: ${{ steps.meta.outputs.tags }} | |
| run: | | |
| echo "$TAGS" | while IFS= read -r tag; do | |
| if [[ -n "$tag" ]]; then | |
| echo "Signing: $tag@${DIGEST}" | |
| cosign sign --yes "$tag@${DIGEST}" || echo "::warning::Failed to sign $tag" | |
| fi | |
| done | |
| - name: Generate SBOM | |
| uses: anchore/[email protected] | |
| with: | |
| image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build.outputs.digest }} | |
| format: spdx-json | |
| output-file: sbom.spdx.json | |
| - name: Upload SBOM | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: sbom | |
| path: sbom.spdx.json | |
| release-helm: | |
| name: Release Helm Chart | |
| runs-on: ubuntu-latest | |
| needs: build-image | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@v4 | |
| with: | |
| version: v3.17.0 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Update Chart with image digest | |
| env: | |
| DIGEST: ${{ needs.build-image.outputs.digest }} | |
| VERSION: ${{ needs.build-image.outputs.version }} | |
| run: | | |
| # Update Chart.yaml versions | |
| sed -i "s/version: .*/version: $VERSION/" charts/homer-operator/Chart.yaml | |
| sed -i "s/appVersion: .*/appVersion: \"$VERSION\"/" charts/homer-operator/Chart.yaml | |
| # Update values.yaml to use the specific digest | |
| REPO_NAME=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]') | |
| IMAGE_WITH_DIGEST="${{ env.REGISTRY }}/${REPO_NAME}@${DIGEST}" | |
| # Update the image repository and tag in values.yaml (only main image, not rbac-proxy) | |
| sed -i "s|^ repository: .*| repository: ${{ env.REGISTRY }}/${REPO_NAME}|" charts/homer-operator/values.yaml | |
| sed -i "s|^ tag: .*| tag: \"$VERSION\"|" charts/homer-operator/values.yaml | |
| echo "Updated Chart.yaml and values.yaml" | |
| echo "Version: $VERSION" | |
| echo "Image: $IMAGE_WITH_DIGEST" | |
| - name: Validate updated chart | |
| run: | | |
| helm lint charts/homer-operator | |
| helm template test charts/homer-operator --dry-run > /dev/null | |
| echo "✅ Updated chart validation passed" | |
| - name: Package and Push Helm Chart | |
| run: | | |
| VERSION="${{ needs.build-image.outputs.version }}" | |
| REPO_NAME=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]') | |
| # Package the chart | |
| helm package charts/homer-operator --destination ./packaged-charts | |
| # Push to GHCR | |
| helm push "./packaged-charts/homer-operator-${VERSION}.tgz" "oci://${{ env.REGISTRY }}/${REPO_NAME}/charts" | |
| echo "✅ Chart pushed to: oci://${{ env.REGISTRY }}/${REPO_NAME}/charts/homer-operator:${VERSION}" | |
| create-github-release: | |
| name: Create GitHub Release | |
| runs-on: ubuntu-latest | |
| needs: [build-image, release-helm] | |
| if: startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Download SBOM | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: sbom | |
| - name: Create Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| draft: false | |
| prerelease: false | |
| generate_release_notes: true | |
| files: | | |
| sbom.spdx.json | |
| body: | | |
| ## Release ${{ needs.build-image.outputs.version }} | |
| ### Docker Image | |
| ```bash | |
| docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build-image.outputs.version }} | |
| ``` | |
| **Digest:** `${{ needs.build-image.outputs.digest }}` | |
| ### Helm Chart | |
| ```bash | |
| helm install homer-operator oci://${{ env.REGISTRY }}/${{ github.repository }}/charts/homer-operator \ | |
| --version ${{ needs.build-image.outputs.version }} \ | |
| --namespace homer-operator-system \ | |
| --create-namespace | |
| ``` | |
| ### What's Changed | |
| See the full changelog below. | |
| --- | |
| **Full Changelog**: https://github.com/${{ github.repository }}/commits/${{ github.ref_name }} |