name: Release on: workflow_call: inputs: semantic_version: required: true type: string build_image_name: required: true type: string image_name: required: true type: string google_image_name: required: true type: string secrets: GCR_JSON_KEY_BASE64: description: 'base64 endcrypted key to connect to Google' required: true APP_ID: description: 'GH App ID to request token for homebrew update' required: true APP_PRIVATE_KEY: description: 'GH App Private Key to request token for homebrew update' required: true jobs: version: uses: ./.github/workflows/version.yml with: semantic_version: ${{ inputs.semantic_version }} dry_run: false # TODO: remove the publish job and publish releases directly with the @semantic-release/github plugin (remove draftRelease: true) # as soon as it supports configuring the create release payload property make_latest to "legacy" # https://docs.github.com/en/rest/releases/releases?apiVersion=2022-11-28#create-a-release--parameters publish: runs-on: ubuntu-22.04 needs: [ version ] steps: - id: get_release uses: cardinalby/git-get-release-action@v1 with: commitSha: ${{ github.sha }} draft: true env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Publish Release uses: actions/github-script@v7 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | github.rest.repos.updateRelease({ owner: context.repo.owner, repo: context.repo.repo, release_id: ${{ steps.get_release.outputs.id }}, draft: false, make_latest: "legacy" }); docker: runs-on: ubuntu-22.04 needs: [ version ] steps: - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Docker registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login to Google Artifact Registry uses: docker/login-action@v3 with: registry: europe-docker.pkg.dev username: _json_key_base64 password: ${{ secrets.GCR_JSON_KEY_BASE64 }} - name: Publish ${{ needs.version.outputs.version }} run: | docker buildx imagetools create \ --tag ${{ inputs.image_name }}:${{ needs.version.outputs.version }} \ ${{ inputs.build_image_name }} docker buildx imagetools create \ --tag ${{ inputs.image_name }}:${{ needs.version.outputs.version }}-debug \ ${{ inputs.build_image_name }}-debug docker buildx imagetools create \ --tag ${{ inputs.google_image_name }}:${{ needs.version.outputs.version }} \ ${{ inputs.build_image_name }} - name: Publish latest if: ${{ github.ref_name == 'next' }} run: | docker buildx imagetools create \ --tag ${{ inputs.image_name }}:latest \ ${{ inputs.build_image_name }} docker buildx imagetools create \ --tag ${{ inputs.image_name }}:latest-debug \ ${{ inputs.build_image_name }}-debug homebrew-tap: runs-on: ubuntu-22.04 needs: version if: ${{ github.ref_name == 'next' }} continue-on-error: true steps: - name: generate token uses: tibdex/github-app-token@v2 id: generate-token with: app_id: ${{ secrets.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - name: Trigger Homebrew env: VERSION: ${{ needs.version.outputs.version }} RUN_ID: ${{ github.run_id }} GH_TOKEN: ${{ steps.generate-token.outputs.token }} run: | gh workflow -R zitadel/homebrew-tap run update.yml -f runId=${RUN_ID} -f version=${VERSION} helm-chart: runs-on: ubuntu-22.04 needs: version if: ${{ github.ref_name == 'next' }} continue-on-error: true steps: - name: generate token uses: tibdex/github-app-token@v2 id: generate-token with: app_id: ${{ secrets.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - name: Trigger Chart Bump env: VERSION: ${{ needs.version.outputs.version }} RUN_ID: ${{ github.run_id }} GH_TOKEN: ${{ steps.generate-token.outputs.token }} run: | gh workflow -R zitadel/zitadel-charts run bump.yml