From 1526d796c6c3d61596e516a845c55ae79007c970 Mon Sep 17 00:00:00 2001 From: tashima42 Date: Wed, 8 Apr 2026 16:27:05 -0300 Subject: [PATCH] Replace GoReleaser action --- .github/workflows/release.yaml | 173 ++++++++++++++++++++------------- 1 file changed, 105 insertions(+), 68 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8ce2d069e..42123663d 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,10 +1,8 @@ name: Release - on: push: tags: - 'v*' - # GitHub settings / example values: # # org level vars: @@ -14,7 +12,6 @@ on: # repo level secrets: # - PUBLIC_REGISTRY_USERNAME # - PUBLIC_REGISTRY_PASSWORD - jobs: publish-images: permissions: @@ -36,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: ${{ github.ref_name}} @@ -50,7 +47,7 @@ jobs: secret/data/github/repo/${{ github.repository }}/rancher-prime-registry/credentials username | PRIME_REGISTRY_USERNAME ; secret/data/github/repo/${{ github.repository }}/rancher-prime-registry/credentials password | PRIME_REGISTRY_PASSWORD - name: Publish images - uses: rancher/ecm-distro-tools/actions/publish-image@575bb831c67edd950bfedb59d41dd127bd0005d6 # v0.65.2 + uses: rancher/ecm-distro-tools/actions/publish-image@dcb1a0f50ca91f9f9a1f34fa335a9182686234d5 # v0.66.3 with: image: eks-operator tag: ${{ github.ref_name }}${{ matrix.tag-suffix }} @@ -67,78 +64,118 @@ jobs: push-to-prime: true - name: Cleanup checksum files # in order to avoid goreleaser dirty state error, remove once rancher/ecm-distro-tools/actions/publish-image@main gets updated run: rm -f slsactl_*_checksums.txt* - release: permissions: contents: write # required for creating GH release runs-on: ubuntu-latest needs: publish-images steps: - - name: Checkout code - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - with: - fetch-depth: 0 - ref: ${{ github.ref_name}} - - name: Create release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for creating GH release - GORELEASER_CURRENT_TAG: ${{ github.ref_name }} # specify the tag to be released - id: goreleaser - uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6 - with: - distribution: goreleaser - version: "~> v2" - args: release --clean --verbose - - name: Upload charts to release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for updating GH release - REPO: rancher # First name component for Docker repository to reference in `values.yaml` of the Helm chart release, this is expected to be `rancher`, image name is appended to this value - TAG: ${{ github.ref_name }} # image tag to be referenced in `values.yaml` of the Helm chart release - run: | - version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version') - echo "Publishing helm charts (version: $version)" + - name: Checkout code + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + fetch-depth: 0 + ref: ${{ github.ref_name}} + - name: Setup goreleaser + shell: bash + run: |- + OS="Linux" + if [[ ${RUNNER_OS} != "Linux" ]]; then + echo "Unsupported OS: ${RUNNER_OS}" + exit 1 + fi - # Both version and appVersion are set to the same value in the Chart.yaml (excluding the 'v' prefix) - CHART_VERSION=$version GIT_TAG=$version make charts + # renovate-local: goreleaser-x86_64 + GORELEASER_VERSION="v2.15.2" + # renovate-local: goreleaser-x86_64=v2.15.2 + GORELEASER_CHECKSUM_x86_64="0ebdbf0353aba566b969dde746cc4e4806f96c27aa2f3971b229a9df7611fedc" - for f in $(find bin/ -name '*.tgz'); do - echo "Uploading $f to GitHub release $TAG" - gh release upload $TAG $f - done - echo "Charts successfully uploaded to GitHub release $TAG" - - name: Add charts to branch - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version') - branch_version=v$(echo "$version" | cut -d'.' -f1,2) - charts_branch=charts/$branch_version - if [ ! -e ~/.gitconfig ]; then - git config --global user.name "eks-operator-bot" - git config --global user.email eks-operator@suse.de - fi - echo "Publishing helm chart in the branch $charts_branch" - if ! git ls-remote --exit-code --heads origin "$charts_branch"; then - git checkout --orphan "$charts_branch" - git rm -rf . - echo "# EKS Operator Helm Charts for $branch_version versions" > README.md - echo "The documentation is centralized in a unique place, checkout https://github.com/rancher/eks-operator." >> README.md - git checkout origin/main -- License .gitignore - git add README.md License .gitignore - git commit -m "Initial commit for $charts_branch" - else - git checkout . - git checkout "$charts_branch" - fi - mkdir -p charts - for f in $(find bin/ -name '*.tgz'); do - tar -xf $f -C charts/ - done - git add charts/**/* - git commit -m "Update charts to version $version" - git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${{ github.repository }}.git - git push origin "$charts_branch" + ARCH=$(uname -m) + CHECKSUM="${GORELEASER_CHECKSUM_x86_64}" + if [[ "${ARCH}" != "x86_64" ]]; then + echo "Unsupported architecture: ${ARCH}" + exit 1 + fi + FILE="goreleaser_${OS}_${ARCH}.tar.gz" + + echo "Installing ${FILE}" + curl -LO "https://github.com/goreleaser/goreleaser/releases/download/${GORELEASER_VERSION}/${FILE}" + echo "${CHECKSUM} ${FILE}" | sha256sum -c + tar -xf "${FILE}" goreleaser + + if sudo -n true &> /dev/null; then + sudo install -m 755 goreleaser /usr/local/bin/goreleaser + else + install -m 755 goreleaser /usr/local/bin/goreleaser + fi + rm -f "${FILE}" goreleaser + - name: Create release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for creating GH release + GORELEASER_CURRENT_TAG: ${{ github.ref_name }} # specify the tag to be released + id: goreleaser + shell: bash + run: |- + goreleaser release --clean --verbose + if [[ ! -f dist/metadata.json ]] || [[ ! -s dist/metadata.json ]]; then + echo "Missing required file: dist/metadata.json" + exit 1 + fi + if [[ ! -f dist/artifacts.json ]] || [[ ! -s dist/artifacts.json ]]; then + echo "Missing required file: dist/artifacts.json" + exit 1 + fi + echo "metadata=$(tr -d '\n\r' < dist/metadata.json)" >> "${GITHUB_OUTPUT}" + echo "artifacts=$(tr -d '\n\r' < dist/artifacts.json)" >> "${GITHUB_OUTPUT}" + - name: Upload charts to release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for updating GH release + REPO: rancher # First name component for Docker repository to reference in `values.yaml` of the Helm chart release, this is expected to be `rancher`, image name is appended to this value + TAG: ${{ github.ref_name }} # image tag to be referenced in `values.yaml` of the Helm chart release + run: | + version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version') + echo "Publishing helm charts (version: $version)" + + # Both version and appVersion are set to the same value in the Chart.yaml (excluding the 'v' prefix) + CHART_VERSION=$version GIT_TAG=$version make charts + + for f in $(find bin/ -name '*.tgz'); do + echo "Uploading $f to GitHub release $TAG" + gh release upload $TAG $f + done + echo "Charts successfully uploaded to GitHub release $TAG" + - name: Add charts to branch + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version') + branch_version=v$(echo "$version" | cut -d'.' -f1,2) + charts_branch=charts/$branch_version + if [ ! -e ~/.gitconfig ]; then + git config --global user.name "eks-operator-bot" + git config --global user.email eks-operator@suse.de + fi + echo "Publishing helm chart in the branch $charts_branch" + if ! git ls-remote --exit-code --heads origin "$charts_branch"; then + git checkout --orphan "$charts_branch" + git rm -rf . + echo "# EKS Operator Helm Charts for $branch_version versions" > README.md + echo "The documentation is centralized in a unique place, checkout https://github.com/rancher/eks-operator." >> README.md + git checkout origin/main -- License .gitignore + git add README.md License .gitignore + git commit -m "Initial commit for $charts_branch" + else + git checkout . + git checkout "$charts_branch" + fi + mkdir -p charts + for f in $(find bin/ -name '*.tgz'); do + tar -xf $f -C charts/ + done + git add charts/**/* + git commit -m "Update charts to version $version" + git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${{ github.repository }}.git + git push origin "$charts_branch" dispatch-chart-release: permissions: contents: read