release #274
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| env: | |
| IMAGE: ghcr.io/sergeii/swat4stats | |
| on: | |
| workflow_run: | |
| workflows: [ci] | |
| branches: [main] | |
| types: [completed] | |
| permissions: read-all | |
| concurrency: | |
| group: release | |
| cancel-in-progress: true | |
| jobs: | |
| plan-release-tag: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
| outputs: | |
| tag: ${{ steps.plan.outputs.new_tag }} | |
| version: ${{ steps.plan.outputs.new_version }} | |
| changelog: ${{ steps.plan.outputs.changelog }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: mathieudutour/github-tag-action@v6.2 | |
| id: plan | |
| with: | |
| dry_run: true | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| default_bump: false | |
| prepare-release: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| needs: plan-release-tag | |
| if: needs.plan-release-tag.outputs.version != '' | |
| outputs: | |
| release_sha: ${{ steps.select-commit.outputs.release_sha }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Install poetry | |
| run: pipx install poetry | |
| - name: Bump pyproject.toml version | |
| run: "poetry version ${{ needs.plan-release-tag.outputs.version }}" | |
| - name: Commit version changes | |
| uses: stefanzweifel/git-auto-commit-action@v7 | |
| id: commit-version | |
| with: | |
| commit_message: "chore(poetry): bump version to ${{ needs.plan-release-tag.outputs.version }}" | |
| commit_options: "--no-verify --signoff" | |
| file_pattern: pyproject.toml | |
| - name: Select release commit | |
| id: select-commit | |
| run: echo "release_sha=${{ steps.commit-version.outputs.commit_hash || github.sha }}" >> $GITHUB_OUTPUT | |
| # https://docs.docker.com/build/ci/github-actions/multi-platform/#distribute-build-across-multiple-runners | |
| build-arch-image: | |
| runs-on: ${{ matrix.platform.runner }} | |
| permissions: | |
| packages: write | |
| needs: [plan-release-tag, prepare-release] | |
| if: needs.plan-release-tag.outputs.tag != '' | |
| outputs: | |
| digest_amd64: ${{ steps.digest.outputs.amd64 }} | |
| digest_arm64: ${{ steps.digest.outputs.arm64 }} | |
| strategy: | |
| matrix: | |
| platform: | |
| - id: amd64 | |
| name: linux/amd64 | |
| runner: ubuntu-24.04 | |
| - id: arm64 | |
| name: linux/arm64 | |
| runner: ubuntu-24.04-arm | |
| steps: | |
| - name: Checkout at version commit | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ needs.prepare-release.outputs.release_sha }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Prepare image metadata | |
| uses: docker/metadata-action@v5 | |
| id: meta | |
| with: | |
| images: ${{ env.IMAGE }} | |
| - name: Build and push image by digest | |
| uses: docker/build-push-action@v6 | |
| id: build | |
| with: | |
| context: . | |
| file: dockerfile/prod/Dockerfile | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: ${{ matrix.platform.name }} | |
| outputs: type=image,"name=${{ env.IMAGE }}",push-by-digest=true,name-canonical=true,push=true | |
| build-args: | | |
| git_release_ver=${{ needs.plan-release-tag.outputs.tag }} | |
| git_release_sha=${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Export image digest | |
| id: digest | |
| run: echo "${{ matrix.platform.id }}=${{ steps.build.outputs.digest }}" >> $GITHUB_OUTPUT | |
| push-image-manifest: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| needs: [plan-release-tag, build-arch-image, prepare-release] | |
| steps: | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create and push multi-arch manifest | |
| run: >- | |
| docker buildx imagetools create | |
| -t ${{ env.IMAGE }}:latest | |
| -t ${{ env.IMAGE }}:${{ needs.plan-release-tag.outputs.tag }} | |
| ${{ env.IMAGE }}@${{ needs.build-arch-image.outputs.digest_amd64 }} | |
| ${{ env.IMAGE }}@${{ needs.build-arch-image.outputs.digest_arm64 }} | |
| - name: Inspect pushed manifest | |
| run: docker buildx imagetools inspect ${{ env.IMAGE }}:latest | |
| create-release-tag: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| needs: [plan-release-tag, prepare-release, push-image-manifest] | |
| if: needs.plan-release-tag.outputs.tag != '' | |
| steps: | |
| - name: Checkout at version commit | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ needs.prepare-release.outputs.release_sha }} | |
| - name: Create git tag | |
| uses: mathieudutour/github-tag-action@v6.2 | |
| with: | |
| commit_sha: ${{ needs.prepare-release.outputs.release_sha }} | |
| custom_tag: ${{ needs.plan-release-tag.outputs.tag }} | |
| tag_prefix: "" | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| default_bump: false | |
| - name: Create GitHub release | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| tag: ${{ needs.plan-release-tag.outputs.tag }} | |
| name: Release ${{ needs.plan-release-tag.outputs.tag }} | |
| body: ${{ needs.plan-release-tag.outputs.changelog }} |