Skip to content

Merge pull request #350 from cert-manager/dependabot/go_modules/all-c… #7

Merge pull request #350 from cert-manager/dependabot/go_modules/all-c…

Merge pull request #350 from cert-manager/dependabot/go_modules/all-c… #7

Workflow file for this run

name: release
on:
push:
tags:
- "v*"
env:
VERSION: ${{ github.ref_name }}
jobs:
build_images:
runs-on: ubuntu-latest
permissions:
contents: read # needed for checkout
packages: write # needed for push images
id-token: write # needed for keyless signing
steps:
- uses: actions/checkout@v4
- id: go-version
run: |
make print-go-version >> "$GITHUB_OUTPUT"
- uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- uses: actions/setup-go@v5
with:
go-version: ${{ steps.go-version.outputs.result }}
- id: release
run: make release
- uses: actions/upload-artifact@v4
with:
name: ${{ steps.release.outputs.RELEASE_HELM_CHART_NAME }}-${{ steps.release.outputs.RELEASE_HELM_CHART_VERSION }}.tgz
path: ${{ steps.release.outputs.RELEASE_HELM_CHART_TAR }}
if-no-files-found: error
outputs:
RELEASE_OCI_MANAGER_IMAGE: ${{ steps.release.outputs.RELEASE_OCI_MANAGER_IMAGE }}
RELEASE_OCI_MANAGER_TAG: ${{ steps.release.outputs.RELEASE_OCI_MANAGER_TAG }}
RELEASE_HELM_CHART_NAME: ${{ steps.release.outputs.RELEASE_HELM_CHART_NAME }}
RELEASE_HELM_CHART_VERSION: ${{ steps.release.outputs.RELEASE_HELM_CHART_VERSION }}
github_release:
runs-on: ubuntu-latest
needs: build_images
permissions:
contents: write # needed for creating a PR
pull-requests: write # needed for creating a PR
steps:
- run: |
touch .notes-file
echo "OCI_MANAGER_IMAGE: ${{ needs.build_images.outputs.RELEASE_OCI_MANAGER_IMAGE }}" >> .notes-file
echo "OCI_MANAGER_TAG: ${{ needs.build_images.outputs.RELEASE_OCI_MANAGER_TAG }}" >> .notes-file
echo "HELM_CHART_NAME: ${{ needs.build_images.outputs.RELEASE_HELM_CHART_NAME }}" >> .notes-file
echo "HELM_CHART_VERSION: ${{ needs.build_images.outputs.RELEASE_HELM_CHART_VERSION }}" >> .notes-file
- id: chart_download
uses: actions/download-artifact@v4
with:
name: ${{ needs.build_images.outputs.RELEASE_HELM_CHART_NAME }}-${{ needs.build_images.outputs.RELEASE_HELM_CHART_VERSION }}.tgz
- env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release create "$VERSION" \
--repo="$GITHUB_REPOSITORY" \
--title="${VERSION}" \
--draft \
--verify-tag \
--notes-file .notes-file
gh release upload "$VERSION" \
--repo="$GITHUB_REPOSITORY" \
"${{ steps.chart_download.outputs.download-path }}/${{ needs.build_images.outputs.RELEASE_HELM_CHART_NAME }}-${{ needs.build_images.outputs.RELEASE_HELM_CHART_VERSION }}.tgz"