name: ZITADEL Release on: push: branches: - '**' tags-ignore: - '**' # disabled due to a bug -> https://github.community/t/403-error-on-container-registry-push-from-github-action/173071/2 # pull_request: # branches: # - '**' env: REGISTRY: ghcr.io NODE_VERSION: '12' GO_VERSION: '1.15' OPERATOR_IMAGE_NAME: ${{ github.repository }}-operator CRDB_IMAGE_NAME: ${{ github.repository }}-crbackup ARTIFACTS_FOLDER: './artifacts' jobs: refs: name: Prepare CI Vars runs-on: ubuntu-18.04 outputs: sha_short: ${{ steps.refs.outputs.sha_short }} short_ref: ${{ steps.refs.outputs.short_ref }} version: ${{ steps.refs.outputs.version }} steps: - name: Source checkout uses: actions/checkout@v2 - name: Semantic Release id: semantic uses: cycjimmy/semantic-release-action@v2 with: dry_run: true semantic_version: 17.0.4 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set outputs id: refs run: | export BRANCH=${GITHUB_REF#refs/*/} echo "branch: ${BRANCH}" export BRANCHTRANSLATED=$(echo ${BRANCH} | tr '/' '_') echo "short_ref: ${BRANCHTRANSLATED}" export VERSION="" if ${{ steps.semantic.outputs.new_release_published == 'true' }}; then export VERSION=${{ steps.semantic.outputs.new_release_version }} else export VERSION=${BRANCHTRANSLATED} fi echo "New semantic release: ${{ steps.semantic.outputs.new_release_published }}" echo "version: ${VERSION}" echo "::set-output name=short_ref::${BRANCHTRANSLATED}" echo "::set-output name=sha_short::SHA-$(git rev-parse --short=12 HEAD)" echo "::set-output name=version::${VERSION}" zitadel-image: name: Build ZITADEL needs: refs runs-on: ubuntu-18.04 steps: - name: Source checkout uses: actions/checkout@v2 - name: Cache Docker layers uses: actions/cache@v2 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-zitadel-${{ hashFiles('**/go.sum', 'console/package-lock.json', 'build/dockerfile') }} restore-keys: | ${{ runner.os }}-zitadel- - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - run: ls -la - uses: docker/build-push-action@v2 with: context: . file: ./build/dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ needs.refs.outputs.sha_short }},${{ env.REGISTRY }}/${{ github.repository }}:${{ needs.refs.outputs.short_ref }} push: true cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new - uses: docker/build-push-action@v2 with: context: . file: ./build/dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ github.repository }}:coverage push: false cache-from: type=local,src=/tmp/.buildx-cache-new target: go-codecov outputs: type=local,dest=/tmp/zitadel - uses: codecov/codecov-action@v1 with: files: /tmp/zitadel/profile.cov name: codecov-go - # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 name: Move cache run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache operator-image: needs: refs runs-on: ubuntu-18.04 name: Build ZITADEL Operator ${{ matrix.goos }}-${{ matrix.goarch }} strategy: matrix: goos: [ 'linux', 'darwin', 'windows' ] goarch: [ 'amd64' ] steps: - name: Source checkout uses: actions/checkout@v2 - name: Cache Docker layers uses: actions/cache@v2 with: path: /tmp/.buildx-cache key: ${{ matrix.goos }}-${{ matrix.goarch }}-operator-image-${{ hashFiles('**/go.sum', 'build/operator/Dockerfile') }} restore-keys: | ${{ matrix.goos }}-${{ matrix.goarch }}-operator-image- - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - uses: docker/build-push-action@v2 name: onlybuild with: context: . file: ./build/operator/Dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ env.OPERATOR_IMAGE_NAME }}:${{ needs.refs.outputs.sha_short }},${{ env.REGISTRY }}/${{ env.OPERATOR_IMAGE_NAME }}:${{ needs.refs.outputs.short_ref }} push: false cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new outputs: type=local,dest=/tmp/operator build-args: | OS=${{ matrix.goos }} ARCH=${{ matrix.goarch }} VERSION=${{ needs.refs.outputs.version }} GITHUBOAUTHCLIENTID=${{ secrets.GITHUBOAUTHCLIENTID }} GITHUBOAUTHCLIENTSECRET=${{ secrets.GITHUBOAUTHCLIENTSECRET }} - shell: bash run: | mv /tmp/operator/zitadelctl /tmp/operator/zitadelctl-${{ matrix.goos }}-${{ matrix.goarch }} - uses: actions/upload-artifact@v2 with: name: zitadelctl-${{ matrix.goos }}-${{ matrix.goarch }} path: /tmp/operator/zitadelctl-${{ matrix.goos }}-${{ matrix.goarch }} - uses: docker/build-push-action@v2 if: ${{ matrix.goos == 'linux' && matrix.goarch == 'amd64' }} name: buildandpush with: context: . file: ./build/operator/Dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ env.OPERATOR_IMAGE_NAME }}:${{ needs.refs.outputs.sha_short }},${{ env.REGISTRY }}/${{ env.OPERATOR_IMAGE_NAME }}:${{ needs.refs.outputs.short_ref }} push: true cache-from: type=local,src=/tmp/.buildx-cache-new build-args: | OS=${{ matrix.goos }} ARCH=${{ matrix.goarch }} VERSION=${{ needs.refs.outputs.version }} - uses: docker/build-push-action@v2 with: context: . file: ./build/operator/Dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ github.repository }}:coverage push: false cache-from: type=local,src=/tmp/.buildx-cache-new target: go-codecov outputs: type=local,dest=/tmp/operator - uses: codecov/codecov-action@v1 with: files: /tmp/operator/profile.cov name: codecov-go - # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 name: Move cache run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache crdb-image: name: Build CockroachDB Image needs: refs runs-on: ubuntu-18.04 steps: - name: Source checkout uses: actions/checkout@v2 - name: Cache Docker layers uses: actions/cache@v2 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-crdb-image-${{ hashFiles('build/cr-backup/Dockerfile') }} restore-keys: | ${{ runner.os }}-crdb-image- - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - uses: docker/build-push-action@v2 name: buildandpush with: context: . file: ./build/cr-backup/Dockerfile platforms: linux/amd64 tags: ${{ env.REGISTRY }}/${{ env.CRDB_IMAGE_NAME }}:${{ needs.refs.outputs.sha_short }},${{ env.REGISTRY }}/${{ env.CRDB_IMAGE_NAME }}:${{ needs.refs.outputs.short_ref }} push: true cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,mode=max,dest=/tmp/.buildx-cache release: name: Semantic Release Images and Artifacts runs-on: ubuntu-18.04 needs: [ refs, zitadel-image, operator-image, crdb-image ] env: DOCKER_USERNAME: ${{ github.repository_owner }} DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }} steps: - name: Source checkout uses: actions/checkout@v2 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - name: Docker Pull ZITADEL Image run: docker pull $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} - name: Docker Pull ZITADEL Operator Image run: docker pull $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} - name: Docker Pull CockroachDB Image run: docker pull $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} - name: Download zitadelctl Artifacts uses: actions/download-artifact@v2 with: path: ${{ env.ARTIFACTS_FOLDER }}/ - name: Workaround for exe run: | mv ${ARTIFACTS_FOLDER}/zitadelctl-windows-amd64/zitadelctl-windows-amd64 ${ARTIFACTS_FOLDER}/zitadelctl-windows-amd64/zitadelctl-windows-amd64.exe find ${ARTIFACTS_FOLDER} - name: Run Semantic Release id: semantic uses: cycjimmy/semantic-release-action@v2 with: dry_run: false semantic_version: 17.0.4 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Echo Semantic Release Versions if: steps.semantic.outputs.new_release_published == 'true' run: | echo ${{ steps.semantic.outputs.new_release_version }} echo ${{ steps.semantic.outputs.new_release_major_version }} echo ${{ steps.semantic.outputs.new_release_minor_version }} echo ${{ steps.semantic.outputs.new_release_patch_version }} - name: Docker Tag Version run: | docker tag $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} $REGISTRY/$GITHUB_REPOSITORY:${{ steps.semantic.outputs.new_release_version }} docker tag $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$OPERATOR_IMAGE_NAME:${{ steps.semantic.outputs.new_release_version }} docker tag $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$CRDB_IMAGE_NAME:${{ steps.semantic.outputs.new_release_version }} if: steps.semantic.outputs.new_release_published == 'true' - name: Docker Tag Latest run: | docker tag $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} $REGISTRY/$GITHUB_REPOSITORY:latest docker tag $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$OPERATOR_IMAGE_NAME:latest docker tag $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$CRDB_IMAGE_NAME:latest if: steps.semantic.outputs.new_release_published == 'true' - name: Docker Push Version run: | docker push $REGISTRY/$GITHUB_REPOSITORY:${{ steps.semantic.outputs.new_release_version }} docker push $REGISTRY/$OPERATOR_IMAGE_NAME:${{ steps.semantic.outputs.new_release_version }} docker push $REGISTRY/$CRDB_IMAGE_NAME:${{ steps.semantic.outputs.new_release_version }} if: steps.semantic.outputs.new_release_published == 'true' - name: Docker Push Latest run: | docker push $REGISTRY/$GITHUB_REPOSITORY:latest docker push $REGISTRY/$OPERATOR_IMAGE_NAME:latest docker push $REGISTRY/$CRDB_IMAGE_NAME:latest if: steps.semantic.outputs.new_release_published == 'true' - name: Docker Tag Version run: | docker tag $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.short_ref }} docker tag $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.short_ref }} docker tag $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.sha_short }} $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.short_ref }} if: steps.semantic.outputs.new_release_published != 'true' && needs.refs.outputs.short_ref != 'main' && needs.refs.outputs.short_ref != '' - name: Docker Push Version run: | docker push $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.short_ref }} docker push $REGISTRY/$OPERATOR_IMAGE_NAME:${{ needs.refs.outputs.short_ref }} docker push $REGISTRY/$CRDB_IMAGE_NAME:${{ needs.refs.outputs.short_ref }} if: steps.semantic.outputs.new_release_published != 'true' && needs.refs.outputs.short_ref != 'main' && needs.refs.outputs.short_ref != '' - name: Development Release id: create_release uses: ncipollo/release-action@v1.8.1 if: steps.semantic.outputs.new_release_published != 'true' && needs.refs.outputs.short_ref != 'main' && needs.refs.outputs.short_ref != '' with: artifacts: "${{ env.ARTIFACTS_FOLDER }}/zitadelctl-darwin-amd64/zitadelctl-darwin-amd64,${{ env.ARTIFACTS_FOLDER }}/zitadelctl-linux-amd64/zitadelctl-linux-amd64,${{ env.ARTIFACTS_FOLDER }}/zitadelctl-windows-amd64/zitadelctl-windows-amd64.exe" body: | This is a release from a development branch. Do not use these artifacts in production. tag: ${{ needs.refs.outputs.short_ref }}-dev commit: ${{ needs.refs.outputs.short_ref }} name: Branch ${{ needs.refs.outputs.short_ref }} token: ${{ secrets.GITHUB_TOKEN }} replacesArtifacts: true prerelease: true draft: false allowUpdates: true