feat: add go provider (#100) #84
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Please | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| cloudflare_resolver_release_created: ${{ steps.releasemanifest.outputs['confidence-cloudflare-resolver--release_created'] }} | |
| java_provider_release_created: ${{ steps.releasemanifest.outputs['openfeature-provider/java--release_created'] }} | |
| js_provider_release_created: ${{ steps.releasemanifest.outputs['openfeature-provider/js--release_created'] }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Release Please (manifest) | |
| id: releasemanifest | |
| uses: googleapis/release-please-action@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| config-file: release-please-config.json | |
| manifest-file: .release-please-manifest.json | |
| - name: Debug - Log Release Please outputs | |
| run: | | |
| echo "=== Release Please Outputs ===" | |
| echo "All outputs (JSON):" | |
| echo '${{ toJSON(steps.releasemanifest.outputs) }}' | |
| publish-cloudflare-deployer-image: | |
| needs: release | |
| if: ${{ needs.release.outputs.cloudflare_resolver_release_created == 'true' }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Extract confidence-cloudflare-resolver version and tag | |
| id: extract_ccr_version | |
| run: | | |
| VERSION=$(grep -m1 '^version\s*=\s*"' confidence-cloudflare-resolver/Cargo.toml | sed -E 's/.*"([^\"]+)".*/\1/') | |
| echo "CCR_VERSION=$VERSION" >> $GITHUB_ENV | |
| echo "CCR_TAG_NAME=confidence-cloudflare-resolver-v$VERSION" >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ github.repository_owner }}/confidence-cloudflare-deployer | |
| tags: | | |
| type=raw,value=${{ env.CCR_TAG_NAME }} | |
| type=raw,value=latest | |
| - name: Build and push deployer image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ./confidence-cloudflare-resolver/deployer/Dockerfile | |
| push: true | |
| build-args: | | |
| COMMIT_SHA=${{ github.sha }} | |
| platforms: linux/amd64 | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| publish-java-provider-release: | |
| needs: release | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.release.outputs.java_provider_release_created == 'true' }} | |
| steps: | |
| - name: Checkout release tag | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Construct Maven settings file | |
| run: | | |
| cat > /tmp/maven_settings.xml <<'EOF' | |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 | |
| http://maven.apache.org/xsd/settings-1.0.0.xsd"> | |
| <servers> | |
| <server> | |
| <id>central</id> | |
| <username>${{ secrets.MAVEN_CENTRAL_USERNAME }}</username> | |
| <password>${{ secrets.MAVEN_CENTRAL_PASSWORD }}</password> | |
| </server> | |
| </servers> | |
| </settings> | |
| EOF | |
| - name: Write GPG key and passphrase to files | |
| run: | | |
| echo "${{ secrets.GPG_PRIVATE_KEY }}" > /tmp/gpg_private_key.asc | |
| echo "${{ secrets.SIGN_KEY_PASS }}" > /tmp/gpg_pass.txt | |
| - name: Publish Java package with Docker | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| target: openfeature-provider-java.publish | |
| cache-from: type=registry,ref=ghcr.io/${{ github.repository }}/cache:main | |
| secret-files: | | |
| maven_settings=/tmp/maven_settings.xml | |
| gpg_private_key=/tmp/gpg_private_key.asc | |
| gpg_pass=/tmp/gpg_pass.txt | |
| publish-js-provider-release: | |
| needs: release | |
| runs-on: ubuntu-latest | |
| environment: deployment | |
| permissions: | |
| id-token: write # Required for npm OIDC publishing | |
| contents: read | |
| if: ${{ needs.release.outputs.js_provider_release_created == 'true' }} | |
| steps: | |
| - name: Checkout release tag | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and extract package tarball with Docker | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| target: openfeature-provider-js.artifact | |
| outputs: type=local,dest=./artifacts | |
| cache-from: type=registry,ref=ghcr.io/${{ github.repository }}/cache:main | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Update npm | |
| run: npm install -g npm@latest | |
| - name: Publish to npm with OIDC | |
| run: npm publish ./artifacts/package.tgz --provenance --access public |