Refactor release workflow to consolidate build steps and enhance Docker image handling
CI / Go Tests (push) Successful in 14s
CI / Build (push) Successful in 11s
Format / gofmt (push) Successful in 8s
Release Artifacts / Validate release tag (push) Successful in 1s
Release Artifacts / Build and release executables (push) Successful in 23s
Release Artifacts / Build and release Docker image (push) Failing after 5s
CI / Go Tests (push) Successful in 14s
CI / Build (push) Successful in 11s
Format / gofmt (push) Successful in 8s
Release Artifacts / Validate release tag (push) Successful in 1s
Release Artifacts / Build and release executables (push) Successful in 23s
Release Artifacts / Build and release Docker image (push) Failing after 5s
- Merged the test and release-binaries jobs into a single build-and-release-executables job for improved clarity. - Updated Docker image build and push steps to streamline the process and remove unnecessary artifact handling. - Enhanced permissions for Docker image publishing and adjusted environment variable usage for better security and efficiency.
This commit is contained in:
+28
-106
@@ -39,43 +39,10 @@ jobs:
|
||||
exit 1
|
||||
fi
|
||||
|
||||
test:
|
||||
name: Test release candidate
|
||||
build-and-release-executables:
|
||||
name: Build and release executables
|
||||
needs: validate-tag
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
cache: true
|
||||
|
||||
- name: Setup Node
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: "20"
|
||||
cache: npm
|
||||
cache-dependency-path: web/ui/package-lock.json
|
||||
|
||||
- name: Install UI deps
|
||||
run: npm --prefix ./web/ui ci
|
||||
|
||||
- name: Build UI assets
|
||||
run: npm --prefix ./web/ui run build
|
||||
|
||||
- name: Run tests
|
||||
run: make test
|
||||
|
||||
- name: Run race tests
|
||||
run: make test-race
|
||||
|
||||
release-binaries:
|
||||
name: Build executable release artifacts
|
||||
needs: [validate-tag, test]
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
@@ -101,6 +68,12 @@ jobs:
|
||||
- name: Build UI assets
|
||||
run: npm --prefix ./web/ui run build
|
||||
|
||||
- name: Run tests
|
||||
run: make test
|
||||
|
||||
- name: Run race tests
|
||||
run: make test-race
|
||||
|
||||
- name: Build release binaries
|
||||
shell: bash
|
||||
run: |
|
||||
@@ -168,18 +141,23 @@ jobs:
|
||||
echo "- \`linux-arm64-static\`"
|
||||
} > RELEASE_NOTES.md
|
||||
|
||||
- name: Upload release bundle artifact
|
||||
uses: https://gitea.com/actions/gitea-upload-artifact@v4
|
||||
- name: Create release and upload archives
|
||||
uses: https://gitea.com/actions/gitea-release-action@v1
|
||||
with:
|
||||
name: release-bundle
|
||||
path: |-
|
||||
tag_name: ${{ needs.validate-tag.outputs.tag }}
|
||||
name: ${{ needs.validate-tag.outputs.tag }}
|
||||
prerelease: ${{ needs.validate-tag.outputs.prerelease }}
|
||||
body_path: RELEASE_NOTES.md
|
||||
files: |-
|
||||
scratchbox-${{ needs.validate-tag.outputs.tag }}-linux-*.tar.gz
|
||||
RELEASE_NOTES.md
|
||||
|
||||
docker-image:
|
||||
name: Build Docker image artifact
|
||||
needs: [validate-tag, test]
|
||||
build-and-release-docker-image:
|
||||
name: Build and release Docker image
|
||||
needs: [validate-tag, build-and-release-executables]
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
code: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
@@ -197,65 +175,9 @@ jobs:
|
||||
echo "registry_host=${host}" >> "${GITHUB_OUTPUT}"
|
||||
echo "image=${host}/${repo}" >> "${GITHUB_OUTPUT}"
|
||||
|
||||
- name: Build image
|
||||
env:
|
||||
IMAGE: ${{ steps.image.outputs.image }}
|
||||
VERSION_TAG: ${{ needs.validate-tag.outputs.tag }}
|
||||
shell: bash
|
||||
run: |
|
||||
set -eu
|
||||
docker build -t "${IMAGE}:${VERSION_TAG}" -t "${IMAGE}:latest" .
|
||||
docker save -o docker-image.tar "${IMAGE}:${VERSION_TAG}" "${IMAGE}:latest"
|
||||
{
|
||||
echo "IMAGE=${IMAGE}"
|
||||
echo "VERSION_TAG=${VERSION_TAG}"
|
||||
} > docker-image.env
|
||||
|
||||
- name: Upload docker bundle artifact
|
||||
uses: https://gitea.com/actions/gitea-upload-artifact@v4
|
||||
with:
|
||||
name: docker-bundle
|
||||
path: |-
|
||||
docker-image.tar
|
||||
docker-image.env
|
||||
|
||||
publish-release:
|
||||
name: Publish release
|
||||
needs: [validate-tag, release-binaries, docker-image]
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Download release bundle
|
||||
uses: https://gitea.com/actions/gitea-download-artifact@v4
|
||||
with:
|
||||
name: release-bundle
|
||||
path: .
|
||||
|
||||
- name: Create release and upload archives
|
||||
uses: https://gitea.com/actions/gitea-release-action@v1
|
||||
with:
|
||||
tag_name: ${{ needs.validate-tag.outputs.tag }}
|
||||
name: ${{ needs.validate-tag.outputs.tag }}
|
||||
prerelease: ${{ needs.validate-tag.outputs.prerelease }}
|
||||
body_path: RELEASE_NOTES.md
|
||||
files: |-
|
||||
scratchbox-${{ needs.validate-tag.outputs.tag }}-linux-*.tar.gz
|
||||
|
||||
publish-docker:
|
||||
name: Publish Docker image
|
||||
needs: [validate-tag, release-binaries, docker-image]
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
code: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Download docker bundle
|
||||
uses: https://gitea.com/actions/gitea-download-artifact@v4
|
||||
with:
|
||||
name: docker-bundle
|
||||
path: .
|
||||
|
||||
- name: Login to registry
|
||||
env:
|
||||
REGISTRY_HOST: ${{ steps.image.outputs.registry_host }}
|
||||
REGISTRY_USER: ${{ secrets.REGISTRY_USERNAME }}
|
||||
REGISTRY_PASS: ${{ secrets.REGISTRY_PASSWORD }}
|
||||
FALLBACK_USER: ${{ gitea.actor }}
|
||||
@@ -263,21 +185,21 @@ jobs:
|
||||
shell: bash
|
||||
run: |
|
||||
set -eu
|
||||
. ./docker-image.env
|
||||
registry_host="${IMAGE%%/*}"
|
||||
user="${REGISTRY_USER:-${FALLBACK_USER}}"
|
||||
pass="${REGISTRY_PASS:-${FALLBACK_PASS}}"
|
||||
if [ -z "${pass}" ]; then
|
||||
echo "No registry password available. Set REGISTRY_PASSWORD secret."
|
||||
exit 1
|
||||
fi
|
||||
printf '%s' "${pass}" | docker login "${registry_host}" --username "${user}" --password-stdin
|
||||
printf '%s' "${pass}" | docker login "${REGISTRY_HOST}" --username "${user}" --password-stdin
|
||||
|
||||
- name: Load and push Docker image tags
|
||||
- name: Build and push Docker image tags
|
||||
env:
|
||||
IMAGE: ${{ steps.image.outputs.image }}
|
||||
VERSION_TAG: ${{ needs.validate-tag.outputs.tag }}
|
||||
shell: bash
|
||||
run: |
|
||||
set -eu
|
||||
. ./docker-image.env
|
||||
docker load -i docker-image.tar
|
||||
docker build -t "${IMAGE}:${VERSION_TAG}" -t "${IMAGE}:latest" .
|
||||
docker push "${IMAGE}:${VERSION_TAG}"
|
||||
docker push "${IMAGE}:latest"
|
||||
|
||||
Reference in New Issue
Block a user