Skip to content

Merge pull request #390 from privacybydesign/dependabot/go_modules/gi… #68

Merge pull request #390 from privacybydesign/dependabot/go_modules/gi…

Merge pull request #390 from privacybydesign/dependabot/go_modules/gi… #68

Workflow file for this run

name: Delivery
on:
push:
branches: [ master ]
release:
# Note: a current limitation is that when a release is edited after publication, then the Docker tags are not automatically updated.
types: [ published ]
permissions:
contents: write
packages: write
# Disable concurrency to prevent that images are tagged in the wrong order.
concurrency:
group: delivery
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
is-head-master: ${{ steps.is-head-master.outcome == 'success' }}
is-latest-release: ${{ steps.is-latest-release.outcome == 'success' }}
steps:
- uses: actions/checkout@v4
with:
ref: master
fetch-depth: 0
- name: Check whether the release is merged to master
run: git branch --contains ${{ github.sha }} | grep -x "* master"
shell: bash
- name: Check whether this event is the HEAD of master
continue-on-error: true
id: is-head-master
run: git rev-parse HEAD | grep -x ${{ github.sha }}
shell: bash
- uses: actions/checkout@v4
- name: Check whether version.go contains the new version number
if: github.event_name == 'release'
run: cat version.go | grep ${GITHUB_REF_NAME:1}
shell: bash
- name: Check whether CHANGELOG.md contains the new version number
if: github.event_name == 'release'
run: cat CHANGELOG.md | grep "\[${GITHUB_REF_NAME:1}\]"
shell: bash
- name: Check whether the release is latest
continue-on-error: true
id: is-latest-release
if: github.event_name == 'release'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: gh release view --json tagName --jq .tagName | grep -x ${{ github.event.release.tag_name }}
shell: bash
build-docker-image:
runs-on: ubuntu-latest
needs: prepare
steps:
- uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build Docker image
run: docker build -t ghcr.io/${{ github.repository_owner }}/irma:${{ github.sha }} .
- name: Tag Docker image (edge)
if: needs.prepare.outputs.is-head-master == 'true'
run: docker tag ghcr.io/${{ github.repository_owner }}/irma:${{ github.sha }} ghcr.io/${{ github.repository_owner }}/irma:edge
- name: Tag Docker image (version)
if: github.event_name == 'release'
run: docker tag ghcr.io/${{ github.repository_owner }}/irma:${{ github.sha }} ghcr.io/${{ github.repository_owner }}/irma:${{ github.event.release.tag_name }}
- name: Tag Docker image (latest)
if: needs.prepare.outputs.is-latest-release == 'true'
run: docker tag ghcr.io/${{ github.repository_owner }}/irma:${{ github.sha }} ghcr.io/${{ github.repository_owner }}/irma:latest
- name: Push Docker image (edge)
if: needs.prepare.outputs.is-head-master == 'true'
run: docker push ghcr.io/${{ github.repository_owner }}/irma:edge
- name: Push Docker image (version)
if: github.event_name == 'release'
run: docker push ghcr.io/${{ github.repository_owner }}/irma:${{ github.event.release.tag_name }}
- name: Tag Docker image (latest)
if: needs.prepare.outputs.is-latest-release == 'true'
run: docker push ghcr.io/${{ github.repository_owner }}/irma:latest
build-release-artifact:
needs: prepare
runs-on: ubuntu-latest
strategy:
matrix:
os: [ linux, darwin, windows ]
arch: [ amd64, 386, arm, arm64 ]
exclude:
- os: darwin
arch: 386
- os: darwin
arch: arm
steps:
- uses: actions/checkout@v4
- name: Build artifact
uses: ./.github/actions/build
id: build
with:
os: ${{ matrix.os }}
arch: ${{ matrix.arch }}
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: irma-${{ matrix.os }}-${{ matrix.arch }}
path: ${{ steps.build.outputs.artifact-name }}
- name: Upload artifact to release
if: github.event_name == 'release'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: gh release upload ${{ github.event.release.tag_name }} ${{ steps.build.outputs.artifact-name }}