TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-02-28 22:27:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

remove old ci

Browse Source
This commit is contained in:
Florian Forster 2025-02-26 14:27:14 +01:00
parent 1b170e553e
commit 1d7be1d058
No known key found for this signature in database
11 changed files with 1 additions and 1088 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

116
.github/workflows/build.yml vendored
View File

@ -1,116 +0,0 @@
name: ZITADEL CI/CD
on:
push:
tags-ignore:
- "*"
branches:
- "main"
pull_request:
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
permissions:
contents: write
packages: write
issues: write
pull-requests: write
jobs:
core:
uses: ./.github/workflows/core.yml
with:
node_version: "20"
buf_version: "latest"
go_version: "1.23"
console:
uses: ./.github/workflows/console.yml
with:
node_version: "20"
buf_version: "latest"
version:
uses: ./.github/workflows/version.yml
with:
semantic_version: "23.0.7"
dry_run: true
compile:
needs: [core, console, version]
uses: ./.github/workflows/compile.yml
with:
go_version: "1.23"
core_cache_key: ${{ needs.core.outputs.cache_key }}
console_cache_key: ${{ needs.console.outputs.cache_key }}
core_cache_path: ${{ needs.core.outputs.cache_path }}
console_cache_path: ${{ needs.console.outputs.cache_path }}
version: ${{ needs.version.outputs.version }}
core-unit-test:
needs: core
uses: ./.github/workflows/core-unit-test.yml
with:
go_version: "1.23"
core_cache_key: ${{ needs.core.outputs.cache_key }}
core_cache_path: ${{ needs.core.outputs.cache_path }}
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
core-integration-test:
needs: core
uses: ./.github/workflows/core-integration-test.yml
with:
go_version: "1.23"
core_cache_key: ${{ needs.core.outputs.cache_key }}
core_cache_path: ${{ needs.core.outputs.cache_path }}
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
lint:
needs: [core, console]
uses: ./.github/workflows/lint.yml
with:
go_version: "1.23"
node_version: "18"
buf_version: "latest"
go_lint_version: "v1.62.2"
core_cache_key: ${{ needs.core.outputs.cache_key }}
core_cache_path: ${{ needs.core.outputs.cache_path }}
container:
needs: [compile]
uses: ./.github/workflows/container.yml
secrets: inherit
permissions:
packages: write
if: ${{ github.event_name == 'workflow_dispatch' }}
with:
build_image_name: "ghcr.io/zitadel/zitadel-build"
e2e:
uses: ./.github/workflows/e2e.yml
needs: [compile]
release:
uses: ./.github/workflows/release.yml
permissions:
packages: write
contents: write
issues: write
pull-requests: write
needs:
[version, core-unit-test, core-integration-test, lint, container, e2e]
if: ${{ github.event_name == 'workflow_dispatch' }}
secrets:
GCR_JSON_KEY_BASE64: ${{ secrets.GCR_JSON_KEY_BASE64 }}
APP_ID: ${{ secrets.APP_ID }}
APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
with:
build_image_name: ${{ needs.container.outputs.build_image }}
semantic_version: "23.0.7"
image_name: "ghcr.io/zitadel/zitadel"
google_image_name: "europe-docker.pkg.dev/zitadel-common/zitadel-repo/zitadel"

2
.github/workflows/ffo-test.yml → .github/workflows/ci.yml vendored
View File

@ -1,4 +1,4 @@
name: "Docker Bake Test"
name: "name: ZITADEL CI"
on:
push:

99
.github/workflows/compile.yml vendored
View File

@ -1,99 +0,0 @@
name: Compile
on:
workflow_call:
inputs:
go_version:
required: true
type: string
core_cache_key:
required: true
type: string
core_cache_path:
required: true
type: string
console_cache_key:
required: true
type: string
console_cache_path:
required: true
type: string
version:
required: true
type: string
jobs:
executable:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
goos: [linux, darwin, windows]
goarch: [amd64, arm64]
steps:
-
uses: actions/checkout@v4
-
uses: actions/cache/restore@v4
timeout-minutes: 1
name: restore console
with:
path: ${{ inputs.console_cache_path }}
key: ${{ inputs.console_cache_key }}
fail-on-cache-miss: true
-
uses: actions/cache/restore@v4
timeout-minutes: 1
name: restore core
with:
path: ${{ inputs.core_cache_path }}
key: ${{ inputs.core_cache_key }}
fail-on-cache-miss: true
-
uses: actions/setup-go@v5
with:
go-version: ${{ inputs.go_version }}
-
name: compile
timeout-minutes: 5
run: |
GOOS="${{matrix.goos}}" \
GOARCH="${{matrix.goarch}}" \
VERSION="${{ inputs.version }}" \
COMMIT_SHA="${{ github.sha }}" \
make compile_pipeline
-
name: create folder
run: |
mkdir zitadel-${{ matrix.goos }}-${{ matrix.goarch }}
mv zitadel zitadel-${{ matrix.goos }}-${{ matrix.goarch }}/
cp LICENSE zitadel-${{ matrix.goos }}-${{ matrix.goarch }}/
cp README.md zitadel-${{ matrix.goos }}-${{ matrix.goarch }}/
tar -czvf zitadel-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz zitadel-${{ matrix.goos }}-${{ matrix.goarch }}
-
uses: actions/upload-artifact@v4
with:
name: zitadel-${{ matrix.goos }}-${{ matrix.goarch }}
path: zitadel-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz
checksums:
runs-on: ubuntu-latest
needs: executable
steps:
-
uses: actions/download-artifact@v4
with:
path: executables
-
name: move files one folder up
run: mv */*.tar.gz . && find . -type d -empty -delete
working-directory: executables
-
run: sha256sum * > checksums.txt
working-directory: executables
-
uses: actions/upload-artifact@v4
with:
name: checksums.txt
path: executables/checksums.txt

63
.github/workflows/console.yml vendored
View File

@ -1,63 +0,0 @@
name: Build console
on:
workflow_call:
inputs:
node_version:
required: true
type: string
buf_version:
required: true
type: string
outputs:
cache_key:
value: ${{ jobs.build.outputs.cache_key }}
cache_path:
value: ${{ jobs.build.outputs.cache_path }}
env:
cache_path: console/dist/console
jobs:
build:
outputs:
cache_key: ${{ steps.cache.outputs.cache-primary-key }}
cache_path: ${{ env.cache_path }}
runs-on:
group: zitadel-public
steps:
-
uses: actions/checkout@v4
-
uses: actions/cache/restore@v4
timeout-minutes: 1
continue-on-error: true
id: cache
with:
key: console-${{ hashFiles('console', 'proto', '!console/dist') }}
restore-keys: |
console-
path: ${{ env.cache_path }}
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: bufbuild/buf-setup-action@v1
with:
github_token: ${{ github.token }}
version: ${{ inputs.buf_version }}
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: actions/setup-node@v4
with:
node-version: ${{ inputs.node_version }}
cache: 'yarn'
cache-dependency-path: console/yarn.lock
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
run: make console_build
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: actions/cache/save@v4
with:
path: ${{ env.cache_path }}
key: ${{ steps.cache.outputs.cache-primary-key }}

177
.github/workflows/container.yml vendored
View File

@ -1,177 +0,0 @@
name: Container
on:
workflow_call:
inputs:
build_image_name:
required: true
type: string
outputs:
build_image:
value: '${{ inputs.build_image_name }}:${{ github.sha }}'
permissions:
packages: write
env:
default_labels: |
org.opencontainers.image.documentation=https://zitadel.com/docs
org.opencontainers.image.vendor=CAOS AG
jobs:
build:
name: zitadel
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
arch: [amd64,arm64]
steps:
-
uses: actions/checkout@v4
-
name: Scratch meta
id: scratch-meta
uses: docker/metadata-action@v5
with:
images: ${{ inputs.build_image_name }}
labels: ${{ env.default_labels}}
tags: |
type=sha,prefix=,suffix=,format=long
-
name: Debug meta
id: debug-meta
uses: docker/metadata-action@v5
with:
images: ${{ inputs.build_image_name }}
labels: ${{ env.default_labels}}
tags: |
type=sha,prefix=,suffix=-debug,format=long
-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: 'image=moby/buildkit:v0.11.6'
-
name: Login to Docker registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
uses: actions/download-artifact@v4
with:
path: .artifacts
name: zitadel-linux-${{ matrix.arch }}
-
name: Unpack executable
run: |
tar -xvf .artifacts/zitadel-linux-${{ matrix.arch }}.tar.gz
mv zitadel-linux-${{ matrix.arch }}/zitadel ./zitadel
-
name: Debug
id: build-debug
uses: docker/build-push-action@v5
timeout-minutes: 3
with:
context: .
cache-from: type=gha
cache-to: type=gha,mode=max
file: build/Dockerfile
target: artifact
platforms: linux/${{ matrix.arch }}
push: true
labels: ${{ steps.debug-meta.outputs.labels }}
outputs: type=image,name=${{ inputs.build_image_name }},push-by-digest=true,name-canonical=true,push=true
-
name: Scratch
id: build-scratch
uses: docker/build-push-action@v5
timeout-minutes: 3
with:
context: .
cache-from: type=gha
cache-to: type=gha,mode=max
file: build/Dockerfile
target: final
platforms: linux/${{ matrix.arch }}
push: true
labels: ${{ steps.scratch-meta.outputs.labels }}
outputs: type=image,name=${{ inputs.build_image_name }},push-by-digest=true,name-canonical=true,push=true
-
name: Export debug digest
run: |
mkdir -p /tmp/digests/debug
digest="${{ steps.build-debug.outputs.digest }}"
touch "/tmp/digests/debug/${digest#sha256:}"
-
name: Export scratch digest
run: |
mkdir -p /tmp/digests/scratch
digest="${{ steps.build-scratch.outputs.digest }}"
touch "/tmp/digests/scratch/${digest#sha256:}"
-
name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ matrix.arch }}
path: /tmp/digests
if-no-files-found: error
retention-days: 1
merge:
runs-on: ubuntu-latest
needs:
- build
strategy:
fail-fast: false
matrix:
image: [scratch, debug]
include:
- image: scratch
suffix: ''
- image: debug
suffix: '-debug'
steps:
-
name: Download digests
uses: actions/download-artifact@v4
with:
pattern: digests-*
path: /tmp/digests
merge-multiple: true
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: 'image=moby/buildkit:v0.11.6'
-
name: Login to Docker registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Docker meta
id: build-meta
uses: docker/metadata-action@v5
with:
images: '${{ inputs.build_image_name }}'
tags: |
type=sha,prefix=,suffix=${{ matrix.suffix }},format=long
-
name: Create build manifest list and push
working-directory: /tmp/digests/${{ matrix.image }}
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< '${{ steps.build-meta.outputs.json }}') \
$(printf '${{ inputs.build_image_name }}@sha256:%s ' *)
-
name: Inspect build image
run: |
docker buildx imagetools inspect ${{ inputs.build_image_name }}:${{ github.sha }}${{ matrix.suffix }}

172
.github/workflows/core-integration-test.yml vendored
View File

@ -1,172 +0,0 @@
name: Integration test core
on:
workflow_call:
inputs:
go_version:
required: true
type: string
core_cache_key:
required: true
type: string
core_cache_path:
required: true
type: string
secrets:
CODECOV_TOKEN:
required: true
jobs:
postgres:
runs-on:
group: zitadel-public
services:
postgres:
image: postgres
ports:
- 5432:5432
env:
POSTGRES_USER: zitadel
PGUSER: zitadel
POSTGRES_DB: zitadel
POSTGRES_HOST_AUTH_METHOD: trust
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
--health-start-period 10s
cache:
image: redis:latest
ports:
- 6379:6379
steps:
-
uses: actions/checkout@v4
-
uses: actions/setup-go@v5
with:
go-version: ${{ inputs.go_version }}
-
uses: actions/cache/restore@v4
timeout-minutes: 1
name: restore core
id: restore-core
with:
path: ${{ inputs.core_cache_path }}
key: ${{ inputs.core_cache_key }}
fail-on-cache-miss: true
-
id: go-cache-path
name: set cache path
run: echo "GO_CACHE_PATH=$(go env GOCACHE)" >> $GITHUB_OUTPUT
-
uses: actions/cache/restore@v4
id: cache
timeout-minutes: 1
continue-on-error: true
name: restore previous results
with:
key: integration-test-postgres-${{ inputs.core_cache_key }}
restore-keys: |
integration-test-postgres-core-
path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }}
-
name: test
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
env:
ZITADEL_MASTERKEY: MasterkeyNeedsToHave32Characters
INTEGRATION_DB_FLAVOR: postgres
run: make core_integration_test
-
name: upload server logs
if: always()
uses: actions/upload-artifact@v4
with:
name: integration-test-server-logs
path: |
tmp/zitadel.log
tmp/race.log.*
-
name: publish coverage
uses: codecov/codecov-action@v4.3.0
with:
file: profile.cov
name: core-integration-tests-postgres
flags: core-integration-tests-postgres
token: ${{ secrets.CODECOV_TOKEN }}
-
uses: actions/cache/save@v4
name: cache results
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
with:
key: integration-test-postgres-${{ inputs.core_cache_key }}
path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }}
# TODO: produces the following output: ERROR: unknown command "cockroach start-single-node --insecure" for "cockroach"
# cockroach:
# runs-on: ubuntu-latest
# services:
# cockroach:
# image: cockroachdb/cockroach:latest
# ports:
# - 26257:26257
# - 8080:8080
# env:
# COCKROACH_ARGS: "start-single-node --insecure"
# options: >-
# --health-cmd "curl http://localhost:8080/health?ready=1 || exit 1"
# --health-interval 10s
# --health-timeout 5s
# --health-retries 5
# --health-start-period 10s
# steps:
# -
# uses: actions/checkout@v4
# -
# uses: actions/setup-go@v5
# with:
# go-version: ${{ inputs.go_version }}
# -
# uses: actions/cache/restore@v4
# timeout-minutes: 1
# name: restore core
# with:
# path: ${{ inputs.core_cache_path }}
# key: ${{ inputs.core_cache_key }}
# fail-on-cache-miss: true
# -
# id: go-cache-path
# name: set cache path
# run: echo "GO_CACHE_PATH=$(go env GOCACHE)" >> $GITHUB_OUTPUT
# -
# uses: actions/cache/restore@v4
# id: cache
# timeout-minutes: 1
# name: restore previous results
# with:
# key: integration-test-crdb-${{ inputs.core_cache_key }}
# restore-keys: |
# integration-test-crdb-core-
# path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }}
# -
# name: test
# if: ${{ steps.cache.outputs.cache-hit != 'true' }}
# env:
# ZITADEL_MASTERKEY: MasterkeyNeedsToHave32Characters
# INTEGRATION_DB_FLAVOR: cockroach
# run: make core_integration_test
# -
# name: publish coverage
# uses: codecov/codecov-action@v4.3.0
# with:
# file: profile.cov
# name: core-integration-tests-cockroach
# flags: core-integration-tests-cockroach
# -
# uses: actions/cache/save@v4
# name: cache results
# if: ${{ steps.cache.outputs.cache-hit != 'true' }}
# with:
# key: integration-test-crdb-${{ inputs.core_cache_key }}
# path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }}

76
.github/workflows/core-unit-test.yml vendored
View File

@ -1,76 +0,0 @@
name: Unit test core
on:
workflow_call:
inputs:
go_version:
required: true
type: string
core_cache_key:
required: true
type: string
core_cache_path:
required: true
type: string
crdb_version:
required: false
type: string
secrets:
CODECOV_TOKEN:
required: true
jobs:
test:
runs-on:
group: zitadel-public
steps:
-
uses: actions/checkout@v3
-
uses: actions/setup-go@v5
with:
go-version: ${{ inputs.go_version }}
-
uses: actions/cache/restore@v4
timeout-minutes: 1
name: restore core
id: restore-core
with:
path: ${{ inputs.core_cache_path }}
key: ${{ inputs.core_cache_key }}
fail-on-cache-miss: true
-
id: go-cache-path
name: set cache path
run: echo "GO_CACHE_PATH=$(go env GOCACHE)" >> $GITHUB_OUTPUT
-
uses: actions/cache/restore@v4
id: cache
timeout-minutes: 1
continue-on-error: true
name: restore previous results
with:
key: unit-test-${{ inputs.core_cache_key }}
restore-keys: |
unit-test-core-
path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }}
-
name: test
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
run: make core_unit_test
-
name: publish coverage
uses: codecov/codecov-action@v4.3.0
with:
file: profile.cov
name: core-unit-tests
flags: core-unit-tests
token: ${{ secrets.CODECOV_TOKEN }}
-
uses: actions/cache/save@v4
name: cache results
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
with:
key: unit-test-${{ inputs.core_cache_key }}
path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }}

83
.github/workflows/core.yml vendored
View File

@ -1,83 +0,0 @@
name: Build core
on:
workflow_call:
inputs:
go_version:
required: true
type: string
buf_version:
required: true
type: string
node_version:
required: true
type: string
outputs:
cache_key:
value: ${{ jobs.build.outputs.cache_key }}
cache_path:
value: ${{ jobs.build.outputs.cache_path }}
env:
cache_path: |
internal/statik/statik.go
internal/notification/statik/statik.go
internal/api/ui/login/static/resources/themes/zitadel/css/zitadel.css*
internal/api/ui/login/statik/statik.go
internal/api/assets/authz.go
internal/api/assets/router.go
openapi/v2
pkg/grpc/**/*.pb.*
jobs:
build:
runs-on:
group: zitadel-public
outputs:
cache_key: ${{ steps.cache.outputs.cache-primary-key }}
cache_path: ${{ env.cache_path }}
steps:
-
uses: actions/checkout@v4
-
uses: actions/cache/restore@v4
timeout-minutes: 1
continue-on-error: true
id: cache
with:
key: core-${{ hashFiles( 'go.*', 'openapi', 'cmd', 'pkg/grpc/**/*.go', 'proto', 'internal') }}
restore-keys: |
core-
path: ${{ env.cache_path }}
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: bufbuild/buf-setup-action@v1
with:
github_token: ${{ github.token }}
version: ${{ inputs.buf_version }}
-
# node to install sass
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: actions/setup-node@v4
with:
node-version: ${{ inputs.node_version }}
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
run: npm install -g sass
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: actions/setup-go@v5
with:
go-version: ${{ inputs.go_version }}
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
run: make core_build
-
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: actions/cache/save@v4
with:
key: ${{ steps.cache.outputs.cache-primary-key }}
path: ${{ env.cache_path }}

102
.github/workflows/lint.yml vendored
View File

@ -1,102 +0,0 @@
name: Lint
on:
workflow_call:
inputs:
node_version:
required: true
type: string
go_version:
required: true
type: string
buf_version:
required: true
type: string
go_lint_version:
required: true
type: string
core_cache_key:
required: true
type: string
core_cache_path:
required: true
type: string
jobs:
lint-skip:
name: lint skip
runs-on: ubuntu-latest
if: ${{ github.event_name != 'pull_request' }}
steps:
- name: Lint skip
run: |
echo "Linting outside of pull requests is skipped"
api:
name: api
runs-on: ubuntu-latest
continue-on-error: true
if: ${{ github.event_name == 'pull_request' }}
steps:
-
uses: actions/checkout@v4
-
uses: bufbuild/buf-setup-action@v1
with:
version: ${{ inputs.buf_version }}
github_token: ${{ secrets.GITHUB_TOKEN }}
-
name: lint
uses: bufbuild/buf-lint-action@v1
-
uses: bufbuild/buf-breaking-action@v1
with:
against: "https://github.com/${{ github.repository }}.git#branch=${{ github.base_ref }}"
console:
if: ${{ github.event_name == 'pull_request' }}
name: console
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
uses: actions/setup-node@v4
with:
node-version: ${{ inputs.node_version }}
cache: 'yarn'
cache-dependency-path: console/yarn.lock
-
run: cd console && yarn install
-
name: lint
run: make console_lint
core:
name: core
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
steps:
-
name: Checkout
uses: actions/checkout@v4
-
uses: actions/setup-go@v5
with:
go-version: ${{ inputs.go_version }}
-
uses: actions/cache/restore@v4
timeout-minutes: 1
name: restore core
with:
path: ${{ inputs.core_cache_path }}
key: ${{ inputs.core_cache_key }}
fail-on-cache-miss: true
-
uses: golangci/golangci-lint-action@v6
with:
version: ${{ inputs.go_lint_version }}
github-token: ${{ github.token }}
only-new-issues: true

148
.github/workflows/release.yml vendored
View File

@ -1,148 +0,0 @@
name: Release
on:
workflow_call:
inputs:
semantic_version:
required: true
type: string
build_image_name:
required: true
type: string
image_name:
required: true
type: string
google_image_name:
required: true
type: string
secrets:
GCR_JSON_KEY_BASE64:
description: 'base64 endcrypted key to connect to Google'
required: true
APP_ID:
description: 'GH App ID to request token for homebrew update'
required: true
APP_PRIVATE_KEY:
description: 'GH App Private Key to request token for homebrew update'
required: true
jobs:
version:
uses: ./.github/workflows/version.yml
with:
semantic_version: ${{ inputs.semantic_version }}
dry_run: false
# TODO: remove the publish job and publish releases directly with the @semantic-release/github plugin (remove draftRelease: true)
# as soon as it supports configuring the create release payload property make_latest to "legacy"
# https://docs.github.com/en/rest/releases/releases?apiVersion=2022-11-28#create-a-release--parameters
publish:
runs-on: ubuntu-22.04
needs: [ version ]
steps:
- id: get_release
uses: cardinalby/git-get-release-action@v1
with:
commitSha: ${{ github.sha }}
draft: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Publish Release
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.repos.updateRelease({
owner: context.repo.owner,
repo: context.repo.repo,
release_id: ${{ steps.get_release.outputs.id }},
draft: false,
make_latest: "legacy"
});
docker:
runs-on: ubuntu-22.04
needs: [ version ]
steps:
-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Login to Docker registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Login to Google Artifact Registry
uses: docker/login-action@v3
with:
registry: europe-docker.pkg.dev
username: _json_key_base64
password: ${{ secrets.GCR_JSON_KEY_BASE64 }}
-
name: Publish ${{ needs.version.outputs.version }}
run: |
docker buildx imagetools create \
--tag ${{ inputs.image_name }}:${{ needs.version.outputs.version }} \
${{ inputs.build_image_name }}
docker buildx imagetools create \
--tag ${{ inputs.image_name }}:${{ needs.version.outputs.version }}-debug \
${{ inputs.build_image_name }}-debug
docker buildx imagetools create \
--tag ${{ inputs.google_image_name }}:${{ needs.version.outputs.version }} \
${{ inputs.build_image_name }}
-
name: Publish latest
if: ${{ github.ref_name == 'next' }}
run: |
docker buildx imagetools create \
--tag ${{ inputs.image_name }}:latest \
${{ inputs.build_image_name }}
docker buildx imagetools create \
--tag ${{ inputs.image_name }}:latest-debug \
${{ inputs.build_image_name }}-debug
homebrew-tap:
runs-on: ubuntu-22.04
needs: version
if: ${{ github.ref_name == 'next' }}
continue-on-error: true
steps:
- name: generate token
uses: tibdex/github-app-token@v2
id: generate-token
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
- name: Trigger Homebrew
env:
VERSION: ${{ needs.version.outputs.version }}
RUN_ID: ${{ github.run_id }}
GH_TOKEN: ${{ steps.generate-token.outputs.token }}
run: |
gh workflow -R zitadel/homebrew-tap run update.yml -f runId=${RUN_ID} -f version=${VERSION}
helm-chart:
runs-on: ubuntu-22.04
needs: version
if: ${{ github.ref_name == 'next' }}
continue-on-error: true
steps:
- name: generate token
uses: tibdex/github-app-token@v2
id: generate-token
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
- name: Trigger Chart Bump
env:
VERSION: ${{ needs.version.outputs.version }}
RUN_ID: ${{ github.run_id }}
GH_TOKEN: ${{ steps.generate-token.outputs.token }}
run: |
gh workflow -R zitadel/zitadel-charts run bump.yml

51
.github/workflows/version.yml vendored
View File

@ -1,51 +0,0 @@
name: Version
on:
workflow_call:
inputs:
semantic_version:
required: true
type: string
dry_run:
required: true
type: boolean
outputs:
version:
value: ${{ jobs.generate.outputs.version }}
published:
value: ${{jobs.generate.outputs.published }}
jobs:
generate:
runs-on: ubuntu-22.04
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
outputs:
version: ${{ steps.output.outputs.VERSION }}
published: ${{ steps.semantic.outputs.new_release_published }}
steps:
-
name: Source checkout
uses: actions/checkout@v4
-
uses: actions/download-artifact@v4
if: ${{ !inputs.dry_run }}
with:
path: .artifacts
-
name: Semantic Release
uses: cycjimmy/semantic-release-action@v4
id: semantic
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
dry_run: ${{ inputs.dry_run }}
semantic_version: ${{ inputs.semantic_version }}
extra_plugins: |
@semantic-release/exec@6.0.3
@semantic-release/github@10.0.2
-
name: output
id: output
run:
if [[ ! -z "${{ steps.semantic.outputs.new_release_version }}" ]]; then echo "VERSION=v${{ steps.semantic.outputs.new_release_version }}" >> "$GITHUB_OUTPUT"; else echo "VERSION=${{ github.sha }}" >> "$GITHUB_OUTPUT";fi