Karmada v1.11.0 release #94

Workflow file for this run

.github/workflows/release.yml at e579560

	on:
	release:
	types:
	- published
	name: Build Release
	permissions:
	contents: read
	jobs:
	release-assests:
	permissions:
	contents: write # for softprops/action-gh-release to create GitHub release
	name: release kubectl-karmada
	runs-on: ubuntu-22.04
	strategy:
	matrix:
	target:
	- karmadactl
	- kubectl-karmada
	os:
	- linux
	- darwin
	arch:
	- amd64
	- arm64
	steps:
	- uses: actions/checkout@v4
	- name: Set up Go
	uses: actions/setup-go@v5
	with:
	go-version-file: go.mod
	- name: Making and packaging
	env:
	GOOS: ${{ matrix.os }}
	GOARCH: ${{ matrix.arch }}
	run: make release-${{ matrix.target }}
	- name: upload cli
	uses: actions/upload-artifact@v4
	with:
	name: cli-${{ matrix.target }}-${{ matrix.os }}-${{ matrix.arch }}.tgz
	path: _output/release/${{ matrix.target }}-${{ matrix.os }}-${{ matrix.arch }}.tgz
	- name: Uploading assets...
	if: ${{ !env.ACT }}
	uses: softprops/action-gh-release@v2
	with:
	files: \|
	_output/release/${{ matrix.target }}-${{ matrix.os }}-${{ matrix.arch }}.tgz
	_output/release/${{ matrix.target }}-${{ matrix.os }}-${{ matrix.arch }}.tgz.sha256
	generate-subject-for-cli-provenance:
	needs: [release-assests]
	runs-on: ubuntu-22.04
	outputs:
	hashes: ${{ steps.hash.outputs.hashes }}
	steps:
	- name: download cli
	uses: actions/download-artifact@v4
	with:
	path: _output/release
	pattern: cli-*
	merge-multiple: true
	- name: generate cli hash
	id: hash
	run: \|
	cd _output/release
	# sha256sum generates sha256 hash for cli.
	# base64 -w0 encodes to base64 and outputs on a single line.
	echo "hashes=$(sha256sum *.tgz\|base64 -w0)" >> "$GITHUB_OUTPUT"
	cli-provenance:
	needs: [generate-subject-for-cli-provenance]
	permissions:
	actions: read # for detecting the Github Actions environment
	id-token: write # Needed for provenance signing and ID
	contents: write # Needed for release uploads
	# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
	with:
	base64-subjects: "${{ needs.generate-subject-for-cli-provenance.outputs.hashes }}"
	provenance-name: "karmada-cli.intoto.jsonl"
	upload-assets: true
	release-crds-assests:
	permissions:
	contents: write # for softprops/action-gh-release to create GitHub release
	name: release crds
	outputs:
	hashes: ${{ steps.hash.outputs.hashes }}
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v4
	- name: Rename the crds directory
	run: \|
	mv ./charts/karmada/_crds ./charts/karmada/crds
	- name: Tar the crds
	uses: a7ul/tar-action@v1.2.0
	with:
	command: c
	cwd: ./charts/karmada/
	files: crds
	outPath: crds.tar.gz
	- name: generate crds hash
	id: hash
	run: \|
	# sha256sum generates sha256 hash for crds.
	# base64 -w0 encodes to base64 and outputs on a single line.
	echo "hashes=$(sha256sum crds.tar.gz \| base64 -w0)" >> "$GITHUB_OUTPUT"
	- name: Uploading crd assets...
	uses: softprops/action-gh-release@v2
	with:
	files: \|
	crds.tar.gz
	crds-provenance:
	needs: [release-crds-assests]
	permissions:
	actions: read # for detecting the Github Actions environment
	id-token: write # Needed for provenance signing and ID
	contents: write # Needed for release uploads
	# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
	with:
	base64-subjects: "${{ needs.release-crds-assests.outputs.hashes }}"
	provenance-name: "karmada-crds.intoto.jsonl"
	upload-assets: true
	release-charts:
	permissions:
	contents: write # for softprops/action-gh-release to create GitHub release
	name: Release charts
	outputs:
	hashes: ${{ steps.hash.outputs.hashes }}
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v4
	- name: Making helm charts
	env:
	VERSION: ${{ github.ref_name }}
	run: make package-chart
	- name: Uploading assets...
	if: ${{ !env.ACT }}
	uses: softprops/action-gh-release@v2
	with:
	files: \|
	_output/charts/karmada-chart-${{ github.ref_name }}.tgz
	_output/charts/karmada-chart-${{ github.ref_name }}.tgz.sha256
	_output/charts/karmada-operator-chart-${{ github.ref_name }}.tgz
	_output/charts/karmada-operator-chart-${{ github.ref_name }}.tgz.sha256
	- name: generate charts hash
	id: hash
	run: \|
	cd _output/charts
	echo "hashes=$(sha256sum *.tgz\|base64 -w0)" >> "$GITHUB_OUTPUT"
	charts-provenance:
	needs: [release-charts]
	permissions:
	actions: read # for detecting the Github Actions environment
	id-token: write # Needed for provenance signing and ID
	contents: write # Needed for release uploads
	# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
	with:
	base64-subjects: "${{ needs.release-charts.outputs.hashes }}"
	provenance-name: "karmada-charts.intoto.jsonl"
	upload-assets: true
	sbom-assests:
	permissions:
	contents: write # for softprops/action-gh-release to create GitHub release
	name: Release sbom
	outputs:
	hashes: ${{ steps.sbom-hash.outputs.hashes}}
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v4
	- name: Generate sbom for karmada file system
	uses: aquasecurity/trivy-action@0.24.0
	with:
	scan-type: 'fs'
	format: 'spdx'
	output: 'sbom-karmada.spdx'
	scan-ref: "/github/workspace/"
	- name: Tar the sbom files
	run: \|
	tar -zcf sbom.tar.gz *.spdx
	- name: Generate SBOM hash
	shell: bash
	id: sbom-hash
	run: \|
	# sha256sum generates sha256 hash for sbom.
	# base64 -w0 encodes to base64 and outputs on a single line.
	echo "hashes=$(sha256sum sbom.tar.gz \| base64 -w0)" >> "$GITHUB_OUTPUT"
	- name: Uploading sbom assets...
	uses: softprops/action-gh-release@v2
	with:
	files: \|
	sbom.tar.gz
	sbom-provenance:
	needs: [sbom-assests]
	permissions:
	actions: read # for detecting the Github Actions environment
	id-token: write # Needed for provenance signing and ID
	contents: write # Needed for release uploads
	# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
	with:
	base64-subjects: "${{ needs.sbom-assests.outputs.hashes }}"
	provenance-name: "karmada-sbom.intoto.jsonl"
	upload-assets: true

	update-krew-index:
	needs:
	- release-assests
	name: Update krew-index
	runs-on: ubuntu-22.04
	steps:
	- name: get latest tag
	id: get-latest-tag
	run: \|
	export LATEST_TAG=`gh api repos/karmada-io/karmada/releases/latest \| jq -r '.tag_name'`
	echo "Got the latest tag:$LATEST_TAG"
	echo "event.tag:"${{ github.event.release.tag_name }}
	echo "latestTag=$LATEST_TAG" >> "$GITHUB_OUTPUT"
	- uses: actions/checkout@v4
	if: steps.get-latest-tag.outputs.latestTag == github.event.release.tag_name
	- name: Update new version in krew-index
	if: steps.get-latest-tag.outputs.latestTag == github.event.release.tag_name
	uses: rajatjindal/krew-release-bot@v0.0.46

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Karmada v1.11.0 release #94

Workflow file

Karmada v1.11.0 release #94

Jobs

Run details

Workflow file for this run