Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: 0c889145b5
Branches Tags
helm-externa...
/
.github
/
workflows
/
release_esoctl.yml

release_esoctl.yml 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. name: Create Release for esoctl
    2. 

  2. 

  3. on:
    4. 

  4.   workflow_dispatch:
    5. 

  5.     inputs:
    6. 

  6.       version:
    7. 

  7.         description: 'version to release, e.g. v0.1.0-esoctl'
    8. 

  8.         required: true
    9. 

  9.         default: 'v0.1.0-esoctl'
    10. 

  10.       source_ref:
    11. 

  11.         description: 'source ref to publish from. E.g.: main or release-x.y'
    12. 

  12.         required: true
    13. 

  13.         default: 'main'
    14. 

  14. 

  15. # this is required for security check even though we immediately set it to
    16. 

  16. # write in the release job.
    17. 

  17. permissions:
    18. 

  18.   contents: read
    19. 

  19. 

  20. jobs:
    21. 

  21.   release:
    22. 

  22.     name: Create Release for esoctl
    23. 

  23.     runs-on: ubuntu-latest
    24. 

  24.     permissions:
    25. 

  25.       contents: write # for publishing the release
    26. 

  26.     steps:
    27. 

  27.       - name: Checkout
    28. 

  28.         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
    29. 

  29.         with:
    30. 

  30.           fetch-depth: 0
    31. 

  31.           ref: ${{ github.event.inputs.source_ref }}
    32. 

  32. 

  33.       - name: Setup Go
    34. 

  34.         uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
    35. 

  35.         id: setup-go
    36. 

  36.         with:
    37. 

  37.           go-version-file: "go.mod"
    38. 

  38. 

  39.       - name: Download Go modules
    40. 

  40.         if: ${{ steps.setup-go.outputs.cache-hit != 'true' }}
    41. 

  41.         run: go mod download
    42. 

  42. 

  43.       - name: Install Syft
    44. 

  44.         uses: anchore/sbom-action/download-syft@f325610c9f50a54015d37c8d16cb3b0e2c8f4de0 # v0.18.0
    45. 

  45. 

  46.       - name: Import GPG key
    47. 

  47.         id: import_gpg
    48. 

  48.         uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
    49. 

  49.         with:
    50. 

  50.           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
    51. 

  51.           passphrase: ${{ secrets.GPG_PASSPHRASE }}
    52. 

  52. 

  53.       - name: Check if Tag Exists
    54. 

  54.         id: check_tag
    55. 

  55.         run: |
    56. 

  56.           if git rev-parse "${{ github.event.inputs.version }}" >/dev/null 2>&1; then
    57. 

  57.             echo "Tag exists."
    58. 

  58.             exit 1
    59. 

  59.           fi
    60. 

  60. 

  61.       - name: Create Tag if Not Exists
    62. 

  62.         if: success()
    63. 

  63.         run: |
    64. 

  64.           TAG="${{ github.event.inputs.version }}"
    65. 

  65.           git tag $TAG
    66. 

  66.           git push origin $TAG
    67. 

  67. 

  68.       - name: Run GoReleaser
    69. 

  69.         uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # v6.3.0
    70. 

  70.         with:
    71. 

  71.           version: '~> v2'
    72. 

  72.           args: release --clean
    73. 

  73.           workdir: cmd/esoctl
    74. 

  74.         env:
    75. 

  75.           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    76. 

  76.           GORELEASER_CURRENT_TAG: ${{ github.event.inputs.version }}
    77. 

  77.           GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
    78.