fleet/.github/workflows/goreleaser-fleet.yaml

93 lines
2.8 KiB
YAML
Raw Permalink Normal View History

name: goreleaser
on:
push:
tags:
- "fleet-*"
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
permissions:
contents: read
jobs:
goreleaser:
runs-on: ubuntu-20.04
environment: Docker Hub
permissions:
contents: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
fetch-depth: 0 # Needed for goreleaser
- name: Login to Docker Hub
Bump docker/login-action from 2.0.0 to 2.1.0 (#10182) Bumps [docker/login-action](https://github.com/docker/login-action) from 2.0.0 to 2.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v2.1.0</h2> <h2>What's Changed</h2> <ul> <li>Ensure AWS temp credentials are redacted in workflow logs by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/login-action/issues/275">#275</a>)</li> <li>Bump <code>@​actions/core</code> from 1.6.0 to 1.10.0 (<a href="https://github-redirect.dependabot.com/docker/login-action/issues/252">#252</a> <a href="https://github-redirect.dependabot.com/docker/login-action/issues/292">#292</a>)</li> <li>Bump <code>@​aws-sdk/client-ecr</code> from 3.53.0 to 3.186.0 (<a href="https://github-redirect.dependabot.com/docker/login-action/issues/298">#298</a>)</li> <li>Bump <code>@​aws-sdk/client-ecr-public</code> from 3.53.0 to 3.186.0 (<a href="https://github-redirect.dependabot.com/docker/login-action/issues/299">#299</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v2.0.0...v2.1.0">https://github.com/docker/login-action/compare/v2.0.0...v2.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/f4ef78c080cd8ba55a85445d5b36e214a81df20a"><code>f4ef78c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/login-action/issues/299">#299</a> from docker/dependabot/npm_and_yarn/aws-sdk/client-ec...</li> <li><a href="https://github.com/docker/login-action/commit/9ad4ce3929bc07d004540e2ebe754234848335e2"><code>9ad4ce3</code></a> Update generated content</li> <li><a href="https://github.com/docker/login-action/commit/884eadd4f88fc6034a7a1ba10fbd2fd69404b94b"><code>884eadd</code></a> Bump <code>@​aws-sdk/client-ecr-public</code> from 3.53.0 to 3.186.0</li> <li><a href="https://github.com/docker/login-action/commit/a266232f5c33001624fdfca7a1d9e5c5612a20ac"><code>a266232</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/login-action/issues/298">#298</a> from docker/dependabot/npm_and_yarn/aws-sdk/client-ec...</li> <li><a href="https://github.com/docker/login-action/commit/f97efcfbf9cb420547dae40adf642fc2366c979a"><code>f97efcf</code></a> Update generated content</li> <li><a href="https://github.com/docker/login-action/commit/5ae789beac0ced16338cc5996b168a5785de8ae9"><code>5ae789b</code></a> Bump <code>@​aws-sdk/client-ecr</code> from 3.53.0 to 3.186.0</li> <li><a href="https://github.com/docker/login-action/commit/71c23b5b3471683fb0acf7a6c821f834735aec44"><code>71c23b5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/login-action/issues/292">#292</a> from docker/dependabot/npm_and_yarn/actions/core-1.10.0</li> <li><a href="https://github.com/docker/login-action/commit/6401d70aab8811e905cbf52b0eae2c58bc274b5b"><code>6401d70</code></a> Update generated content</li> <li><a href="https://github.com/docker/login-action/commit/67e8909cc694e896d07b96876522f898972abbfd"><code>67e8909</code></a> Bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li> <li><a href="https://github.com/docker/login-action/commit/21f251affc0769ccac8a1cf17e937592fb492337"><code>21f251a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/login-action/issues/275">#275</a> from crazy-max/redact-aws-creds</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/49ed152c8eca782a232dede0303416e8f356c37b...f4ef78c080cd8ba55a85445d5b36e214a81df20a">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=2.0.0&new-version=2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-03-01 01:19:37 +00:00
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: ${{ vars.GO_VERSION }}
# Set the Node.js version
- name: Set up Node.js ${{ vars.NODE_VERSION }}
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1
with:
node-version: ${{ vars.NODE_VERSION }}
- name: Install JS Dependencies
run: make deps-js
- name: Install Go Dependencies
run: make deps-go
- name: Run GoReleaser
Bump goreleaser/goreleaser-action from 3.0.0 to 4.2.0 (#9558) Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 3.0.0 to 4.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/goreleaser/goreleaser-action/releases">goreleaser/goreleaser-action's releases</a>.</em></p> <blockquote> <h2>v4.2.0</h2> <h2>What's Changed</h2> <ul> <li>fix: don't depend on the GitHub API to check release by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/391">goreleaser/goreleaser-action#391</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/goreleaser-action/compare/v4.1.1...v4.2.0">https://github.com/goreleaser/goreleaser-action/compare/v4.1.1...v4.2.0</a></p> <h2>v4.1.1</h2> <h2>What's Changed</h2> <ul> <li>Update Readme to reference <code>goreleaser/goreleaser-action@v4</code> by <a href="https://github.com/felladrin"><code>@​felladrin</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/384">goreleaser/goreleaser-action#384</a></li> <li>docs: fix README badge by <a href="https://github.com/dirien"><code>@​dirien</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/386">goreleaser/goreleaser-action#386</a></li> <li>chore(deps): bump json5 from 2.2.0 to 2.2.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/388">goreleaser/goreleaser-action#388</a></li> <li>fix: use <code>@​action/github</code> by <a href="https://github.com/caarlos0"><code>@​caarlos0</code></a> and <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/390">goreleaser/goreleaser-action#390</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/felladrin"><code>@​felladrin</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/384">goreleaser/goreleaser-action#384</a></li> <li><a href="https://github.com/dirien"><code>@​dirien</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/386">goreleaser/goreleaser-action#386</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/goreleaser-action/compare/v4.1.0...v4.1.1">https://github.com/goreleaser/goreleaser-action/compare/v4.1.0...v4.1.1</a></p> <h2>v4.1.0</h2> <h2>What's Changed</h2> <ul> <li>feat!: remove auto-snapshot on dirty tag by <a href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/382">goreleaser/goreleaser-action#382</a></li> <li>docs: add example when using workdir along with upload-artifact by <a href="https://github.com/zdtsw"><code>@​zdtsw</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/366">goreleaser/goreleaser-action#366</a></li> <li>Fix Self-Hosted Windows Error: Expand-Archive by <a href="https://github.com/flarco"><code>@​flarco</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/379">goreleaser/goreleaser-action#379</a></li> <li>chore(deps): bump minimatch from 3.0.4 to 3.1.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/383">goreleaser/goreleaser-action#383</a></li> </ul> <h2>Migrating from v3</h2> <p>If you need the auto-snapshot feature, take a look at <a href="https://github.com/caarlos0/goreleaser-action-v4-auto-snapshot-example">this example repository</a>: it's a minimal working example with all you need.</p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/zdtsw"><code>@​zdtsw</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/366">goreleaser/goreleaser-action#366</a></li> <li><a href="https://github.com/flarco"><code>@​flarco</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/379">goreleaser/goreleaser-action#379</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/goreleaser-action/compare/v4...v4.1.0">https://github.com/goreleaser/goreleaser-action/compare/v4...v4.1.0</a></p> <h2>v4.0.0</h2> <h2>What's Changed</h2> <ul> <li>fix: do not override GORELEASER_CURRENT_TAG by <a href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/370">goreleaser/goreleaser-action#370</a></li> </ul> <h2>Migrating from v3</h2> <p>If you need the auto-snapshot feature, take a look at <a href="https://github.com/caarlos0/goreleaser-action-v4-auto-snapshot-example">this example repository</a>: it's a minimal working example with all you need.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/goreleaser-action/compare/v3...v4.0.0">https://github.com/goreleaser/goreleaser-action/compare/v3...v4.0.0</a></p> <h2>v3.2.0</h2> <h2>What's Changed</h2> <ul> <li>chore: remove workaround for <code>setOutput</code> by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/374">#374</a>)</li> <li>chore(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0 (<a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/372">#372</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/f82d6c1c344bcacabba2c841718984797f664a6b"><code>f82d6c1</code></a> fix: don't depend on the GitHub API to check release (<a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/391">#391</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/9754a253a8673b0ea869c2e863b4e975497efd0c"><code>9754a25</code></a> fix: use <code>@​action/github</code> (<a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/390">#390</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/b1a238106b6582da75cc041a06cf8473dc02b3ca"><code>b1a2381</code></a> build: run ci on workflow dispatch</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/b1ffc5d9902c456688e7814a5f93e0b3309f7c0b"><code>b1ffc5d</code></a> chore(deps): bump json5 from 2.2.0 to 2.2.3 (<a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/388">#388</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/256e4b8b2899ef3f97260f849b8ddcc8e8794fb4"><code>256e4b8</code></a> docs: migrating from v3</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/a7c543ca7a866f4d914fa7a767ded0c3868d0821"><code>a7c543c</code></a> docs: fix README badgea (<a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/386">#386</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/13f1e21a502d76668f53fc8631dfef02a96ecac6"><code>13f1e21</code></a> docs: update Readme to reference <code>goreleaser/goreleaser-action@v4</code> (<a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/384">#384</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/8f67e590f2d095516493f017008adc464e63adb1"><code>8f67e59</code></a> chore: regenerate</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/78df308971ca82472949e05f288641bf24078f12"><code>78df308</code></a> chore(deps): bump minimatch from 3.0.4 to 3.1.2 (<a href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/383">#383</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/66134d94a72316c372bfb2832b853f249cf96a0c"><code>66134d9</code></a> Merge remote-tracking branch 'origin/master' into flarco/master</li> <li>Additional commits viewable in <a href="https://github.com/goreleaser/goreleaser-action/compare/68acf3b1adf004ac9c2f0a4259e85c5f66e99bef...f82d6c1c344bcacabba2c841718984797f664a6b">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=goreleaser/goreleaser-action&package-manager=github_actions&previous-version=3.0.0&new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 02:22:01 +00:00
uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b
with:
distribution: goreleaser-pro
version: latest
2021-08-04 18:47:03 +00:00
args: release --rm-dist -f .goreleaser.yml
env:
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Get tag
run: |
echo "TAG=$(git describe --tags | sed -e "s/^fleet-//")" >> $GITHUB_OUTPUT
id: docker
- name: List tags for push
run: |
echo "The following TAGs are to be pushed: ${{ steps.docker.outputs.TAG }}"
- name: Login to quay.io
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
with:
registry: quay.io
username: fleetdm+fleetreleaser
password: ${{ secrets.QUAY_REGISTRY_PASSWORD }}
- name: Tag and push to quay.io
run: |
for TAG in ${{ steps.docker.outputs.TAG }}; do
docker tag fleetdm/fleet:${TAG} quay.io/fleetdm/fleet:${TAG}
docker push quay.io/fleetdm/fleet:${TAG}
done