name: ZITADEL Release on: push: branches: - main tags-ignore: - '**' pull_request: branches: - '**' workflow_dispatch: env: REGISTRY: ghcr.io OPERATOR_IMAGE_NAME: ${{ github.repository }}-operator CRDB_IMAGE_NAME: ${{ github.repository }}-crbackup ARTIFACTS_FOLDER: './artifacts' jobs: refs: name: Prepare CI Vars runs-on: ubuntu-18.04 outputs: sha_short: ${{ steps.refs.outputs.sha_short }} short_ref: ${{ steps.refs.outputs.short_ref }} version: ${{ steps.refs.outputs.version }} steps: - name: Source checkout uses: actions/checkout@v2 - name: Semantic Release id: semantic uses: cycjimmy/semantic-release-action@v2 with: dry_run: true semantic_version: 17.0.4 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set outputs id: refs run: | export BRANCH=${GITHUB_REF#refs/*/} echo "branch: ${BRANCH}" export BRANCHTRANSLATED=$(echo ${BRANCH} | tr '/' '_') echo "short_ref: ${BRANCHTRANSLATED}" export VERSION="" if ${{ steps.semantic.outputs.new_release_published == 'true' }}; then export VERSION=${{ steps.semantic.outputs.new_release_version }} else export VERSION=${BRANCHTRANSLATED} fi echo "New semantic release: ${{ steps.semantic.outputs.new_release_published }}" echo "version: ${VERSION}" echo "::set-output name=short_ref::${BRANCHTRANSLATED}" echo "::set-output name=sha_short::SHA-$(git rev-parse --short=12 HEAD)" echo "::set-output name=version::${VERSION}" zitadel: name: Build ZITADEL needs: refs runs-on: ubuntu-18.04 steps: - name: Source checkout uses: actions/checkout@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - uses: docker/build-push-action@v2 with: context: . file: ./build/zitadel/Dockerfile platforms: linux/amd64 cache-from: type=gha,scope=${{ github.workflow }} cache-to: type=gha,scope=${{ github.workflow }},mode=max outputs: type=local,dest=/tmp/zitadel build-args: | VERSION=${{ needs.refs.outputs.version }} - uses: actions/upload-artifact@v2 with: name: zitadel path: /tmp/zitadel/ zitadel-codecov: name: Upload ZITADEL Codecov needs: [refs, zitadel] runs-on: ubuntu-18.04 steps: - name: Source checkout uses: actions/checkout@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - uses: docker/build-push-action@v2 with: context: . file: ./build/zitadel/Dockerfile platforms: linux/amd64 target: go-codecov cache-from: type=gha,scope=${{ github.workflow }} outputs: type=local,dest=/tmp/zitadel - uses: codecov/codecov-action@v1 with: name: zitadel-codecov files: /tmp/zitadel/profile.cov zitadel-console: name: Build ZITADEL Console needs: refs runs-on: ubuntu-18.04 steps: - name: Source checkout uses: actions/checkout@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - uses: docker/build-push-action@v2 with: context: . file: ./build/console/Dockerfile platforms: linux/amd64 cache-from: type=gha,scope=${{ github.workflow }} cache-to: type=gha,scope=${{ github.workflow }},mode=max outputs: type=local,dest=/tmp/zitadel-console - uses: actions/upload-artifact@v2 with: name: zitadel-console path: /tmp/zitadel-console/ zitadel-image: name: Package ZITADEL Image needs: [refs, zitadel, zitadel-console] runs-on: ubuntu-18.04 if: ${{ github.event_name == 'workflow_dispatch' || github.ref == 'refs/heads/main' }} steps: - name: Source checkout uses: actions/checkout@v2 - uses: actions/download-artifact@v2 with: name: zitadel path: .download/zitadel - uses: actions/download-artifact@v2 with: name: zitadel-console path: .download/zitadel/console - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - uses: docker/build-push-action@v2 with: context: . file: ./build/Dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ needs.refs.outputs.sha_short }},${{ env.REGISTRY }}/${{ github.repository }}:${{ needs.refs.outputs.short_ref }} push: true cache-from: type=gha,scope=${{ github.workflow }} cache-to: type=gha,scope=${{ github.workflow }},mode=max zitadel-operator: name: Build ZITADEL Operator ${{ matrix.goos }}-${{ matrix.goarch }} needs: refs runs-on: ubuntu-18.04 strategy: matrix: goos: [ 'linux', 'darwin', 'windows' ] goarch: [ 'amd64' ] steps: - name: Source checkout uses: actions/checkout@v2 - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - uses: docker/build-push-action@v2 with: context: . file: ./build/operator/Dockerfile platforms: linux/amd64 cache-from: type=gha,scope=${{ matrix.goos }}-${{ matrix.goarch }} cache-to: type=gha,scope=${{ matrix.goos }}-${{ matrix.goarch }},mode=max outputs: type=local,dest=/tmp/operator build-args: | OS=${{ matrix.goos }} ARCH=${{ matrix.goarch }} VERSION=${{ needs.refs.outputs.version }} GITHUBOAUTHCLIENTID=${{ secrets.GITHUBOAUTHCLIENTID }} GITHUBOAUTHCLIENTSECRET=${{ secrets.GITHUBOAUTHCLIENTSECRET }} - shell: bash run: | mv /tmp/operator/zitadelctl /tmp/operator/zitadelctl-${{ matrix.goos }}-${{ matrix.goarch }} - uses: actions/upload-artifact@v2 with: name: zitadelctl-${{ matrix.goos }}-${{ matrix.goarch }} path: /tmp/operator/zitadelctl-${{ matrix.goos }}-${{ matrix.goarch }} zitadel-operator-codecov: name: Upload ZITADEL Operator Codecov ${{ matrix.goos }}-${{ matrix.goarch }} needs: [refs, zitadel-operator] runs-on: ubuntu-18.04 strategy: matrix: goos: [ 'linux' ] goarch: [ 'amd64' ] steps: - name: Source checkout uses: actions/checkout@v2 - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - uses: docker/build-push-action@v2 with: context: . file: ./build/operator/Dockerfile platforms: linux/amd64 cache-from: type=gha,scope=${{ matrix.goos }}-${{ matrix.goarch }} target: go-codecov outputs: type=local,dest=/tmp/operator - uses: codecov/codecov-action@v1 with: files: /tmp/operator/profile.cov name: codecov-go zitadel-operator-image: name: Package ZITADEL Operator Image ${{ matrix.goos }}-${{ matrix.goarch }} needs: [refs, zitadel-operator] runs-on: ubuntu-18.04 if: ${{ github.event_name == 'workflow_dispatch' || github.ref == 'refs/heads/main' }} strategy: matrix: goos: [ 'linux' ] goarch: [ 'amd64' ] steps: - name: Source checkout uses: actions/checkout@v2 - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - uses: docker/build-push-action@v2 with: context: . file: ./build/operator/Dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ env.OPERATOR_IMAGE_NAME }}:${{ needs.refs.outputs.sha_short }},${{ env.REGISTRY }}/${{ env.OPERATOR_IMAGE_NAME }}:${{ needs.refs.outputs.short_ref }} push: true cache-from: type=gha,scope=${{ matrix.goos }}-${{ matrix.goarch }} build-args: | OS=${{ matrix.goos }} ARCH=${{ matrix.goarch }} VERSION=${{ needs.refs.outputs.version }} crdb-image: name: Package ZITADEL CockroachDB Image needs: refs runs-on: ubuntu-18.04 if: ${{ github.event_name == 'workflow_dispatch' || github.ref == 'refs/heads/main' }} steps: - name: Source checkout uses: actions/checkout@v2 - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - uses: docker/build-push-action@v2 name: buildandpush with: context: . file: ./build/cr-backup/Dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ env.CRDB_IMAGE_NAME }}:${{ needs.refs.outputs.sha_short }},${{ env.REGISTRY }}/${{ env.CRDB_IMAGE_NAME }}:${{ needs.refs.outputs.short_ref }} push: true cache-from: type=gha,scope=${{ github.workflow }} cache-to: type=gha,scope=${{ github.workflow }} release: name: Semantic Release Images and Artifacts runs-on: ubuntu-18.04 needs: [ refs, zitadel-image, zitadel-operator-image, crdb-image ] if: ${{ github.event_name == 'workflow_dispatch' || github.ref == 'refs/heads/main' }} env: DOCKER_USERNAME: ${{ github.repository_owner }} DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }} steps: - name: Source checkout uses: actions/checkout@v2 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - name: Docker Pull ZITADEL Image run: docker pull $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} - name: Docker Pull ZITADEL Operator Image run: docker pull $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} - name: Docker Pull CockroachDB Image run: docker pull $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} - name: Download zitadelctl Artifacts uses: actions/download-artifact@v2 with: path: ${{ env.ARTIFACTS_FOLDER }}/ - name: Workaround for exe run: | mv ${ARTIFACTS_FOLDER}/zitadelctl-windows-amd64/zitadelctl-windows-amd64 ${ARTIFACTS_FOLDER}/zitadelctl-windows-amd64/zitadelctl-windows-amd64.exe find ${ARTIFACTS_FOLDER} - name: Run Semantic Release id: semantic uses: cycjimmy/semantic-release-action@v2 with: dry_run: false semantic_version: 17.0.4 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Echo Semantic Release Versions if: steps.semantic.outputs.new_release_published == 'true' run: | echo ${{ steps.semantic.outputs.new_release_version }} echo ${{ steps.semantic.outputs.new_release_major_version }} echo ${{ steps.semantic.outputs.new_release_minor_version }} echo ${{ steps.semantic.outputs.new_release_patch_version }} - name: Docker Tag Version run: | docker tag $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} $REGISTRY/$GITHUB_REPOSITORY:${{ steps.semantic.outputs.new_release_version }} docker tag $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$OPERATOR_IMAGE_NAME:${{ steps.semantic.outputs.new_release_version }} docker tag $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$CRDB_IMAGE_NAME:${{ steps.semantic.outputs.new_release_version }} if: steps.semantic.outputs.new_release_published == 'true' - name: Docker Tag Latest run: | docker tag $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} $REGISTRY/$GITHUB_REPOSITORY:latest docker tag $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$OPERATOR_IMAGE_NAME:latest docker tag $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$CRDB_IMAGE_NAME:latest if: steps.semantic.outputs.new_release_published == 'true' - name: Docker Push Version run: | docker push $REGISTRY/$GITHUB_REPOSITORY:${{ steps.semantic.outputs.new_release_version }} docker push $REGISTRY/$OPERATOR_IMAGE_NAME:${{ steps.semantic.outputs.new_release_version }} docker push $REGISTRY/$CRDB_IMAGE_NAME:${{ steps.semantic.outputs.new_release_version }} if: steps.semantic.outputs.new_release_published == 'true' - name: Docker Push Latest run: | docker push $REGISTRY/$GITHUB_REPOSITORY:latest docker push $REGISTRY/$OPERATOR_IMAGE_NAME:latest docker push $REGISTRY/$CRDB_IMAGE_NAME:latest if: steps.semantic.outputs.new_release_published == 'true' - name: Docker Tag Version run: | docker tag $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.short_ref }} docker tag $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.short_ref }} docker tag $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.short_ref }} if: steps.semantic.outputs.new_release_published != 'true' && needs.refs.outputs.short_ref != 'main' && needs.refs.outputs.short_ref != '' - name: Docker Push Version run: | docker push $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.short_ref }} docker push $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.short_ref }} docker push $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.short_ref }} if: steps.semantic.outputs.new_release_published != 'true' && needs.refs.outputs.short_ref != 'main' && needs.refs.outputs.short_ref != '' - name: Development Release id: create_release uses: ncipollo/release-action@v1.8.4 if: steps.semantic.outputs.new_release_published != 'true' && needs.refs.outputs.short_ref != 'main' && needs.refs.outputs.short_ref != '' with: artifacts: "${{ env.ARTIFACTS_FOLDER }}/zitadelctl-darwin-amd64/zitadelctl-darwin-amd64,${{ env.ARTIFACTS_FOLDER }}/zitadelctl-linux-amd64/zitadelctl-linux-amd64,${{ env.ARTIFACTS_FOLDER }}/zitadelctl-windows-amd64/zitadelctl-windows-amd64.exe" body: | This is a release from a development branch. Do not use these artifacts in production. tag: ${{ needs.refs.outputs.short_ref }}-dev commit: ${{ needs.refs.outputs.short_ref }} name: Branch ${{ needs.refs.outputs.short_ref }} token: ${{ secrets.GITHUB_TOKEN }} replacesArtifacts: true prerelease: true draft: false allowUpdates: true - name: Create Sentry release if: ${{ github.ref == 'refs/heads/main' }} uses: getsentry/action-release@v1 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ secrets.SENTRY_ORG }} SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} with: version: zitadel-${{ needs.refs.outputs.version }} projects: "console database-operator zitadel zitadel-operator zitadelctl"