generate bundle: Support overwriting of annotations.yaml #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy | |
on: | |
push: | |
branches: | |
- '**' | |
- '!dependabot/**' | |
tags: | |
- 'v*' | |
- 'scorecard-kuttl/v*' | |
pull_request: | |
branches: [ master ] | |
jobs: | |
check_docs_only: | |
name: check_docs_only | |
runs-on: ubuntu-22.04 | |
outputs: | |
skip: ${{ steps.check_docs_only.outputs.skip }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- id: check_docs_only | |
# Since PR's are squashed prior to merging to the branch checked out (default branch), | |
# HEAD^ will resolve to the previous point in history. | |
run: | | |
REF="HEAD^" | |
[[ -z "${{ github.base_ref }}" ]] || REF=$(git show-ref ${{ github.base_ref }} | head -1 | cut -d' ' -f2) | |
echo "skip=$(.github/workflows/check-docs-only.sh $REF)" >> $GITHUB_OUTPUT | |
# Job to test release steps. This will only create a release remotely if run on a tagged commit. | |
goreleaser: | |
name: goreleaser | |
needs: check_docs_only | |
# Run this job on a tag like 'vX.Y.Z' or on a branch or pull request with code changes. | |
if: startsWith(github.ref, 'refs/tags/v') || ( needs.check_docs_only.outputs.skip != 'true' && !startsWith(github.ref, 'refs/tags/') ) | |
runs-on: ubuntu-22.04 | |
environment: deploy | |
steps: | |
- name: checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: install | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
- name: gpg init | |
if: ${{ github.event_name != 'pull_request' }} | |
run: .ci/gpg/create-keyring.sh | |
env: | |
GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} | |
- name: release | |
run: | | |
if [[ $GITHUB_REF != refs/tags/v* ]]; then | |
export DRY_RUN=1 | |
fi | |
make release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# Job matrix for image builds. Only pushes if a tag with prefix "v" is present. | |
images: | |
name: images | |
needs: check_docs_only | |
# Run this job on a tag like 'vX.Y.Z' or on a branch or pull request with code changes. | |
if: startsWith(github.ref, 'refs/tags/v') || ( needs.check_docs_only.outputs.skip != 'true' && !startsWith(github.ref, 'refs/tags/') ) | |
runs-on: ubuntu-22.04 | |
environment: deploy | |
strategy: | |
matrix: | |
id: ["operator-sdk", "helm-operator", "scorecard-test"] | |
steps: | |
- name: set up qemu | |
uses: docker/setup-qemu-action@v3 | |
- name: set up buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: quay.io login | |
if: ${{ github.event_name != 'pull_request' }} | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
registry: quay.io | |
# Check out repo before tag step for script. | |
- name: checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: create tags | |
id: tags | |
run: | | |
IMG=quay.io/${{ github.repository_owner }}/${{ matrix.id }} | |
echo tags=$(.github/workflows/get_image_tags.sh "$IMG" "v") >> $GITHUB_OUTPUT | |
- name: build and push | |
uses: docker/build-push-action@v6 | |
with: | |
file: ./images/${{ matrix.id }}/Dockerfile | |
context: . | |
platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x | |
# Push on tag, or master or latest branch push. | |
push: ${{ (github.event_name != 'pull_request' && (startsWith(github.ref, 'refs/tags/') || github.ref == 'refs/heads/master' || github.ref == 'refs/heads/latest')) }} | |
tags: ${{ steps.tags.outputs.tags }} | |
# scorecard-test-kuttl image build job. Only pushes if a tag with prefix "scorecard-kuttl/v" is present. | |
image-scorecard-test-kuttl: | |
name: image-scorecard-test-kuttl | |
needs: check_docs_only | |
# Run this job on a tag like 'scorecard-kuttl/vX.Y.Z' or on a branch or pull request with code changes. | |
if: startsWith(github.ref, 'refs/tags/scorecard-kuttl/v') || ( needs.check_docs_only.outputs.skip != 'true' && !startsWith(github.ref, 'refs/tags/') ) | |
runs-on: ubuntu-22.04 | |
environment: deploy | |
steps: | |
- name: set up qemu | |
uses: docker/setup-qemu-action@v3 | |
- name: set up buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: quay.io login | |
if: ${{ github.event_name != 'pull_request' }} | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
registry: quay.io | |
# Check out repo before tag step for script. | |
- name: checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: create tags | |
id: tags | |
run: | | |
IMG=quay.io/${{ github.repository_owner }}/scorecard-test-kuttl | |
echo tags=$(.github/workflows/get_image_tags.sh "$IMG" "scorecard-kuttl/v") >> $GITHUB_OUTPUT | |
- name: build and push | |
uses: docker/build-push-action@v6 | |
with: | |
file: ./images/scorecard-test-kuttl/Dockerfile | |
context: . | |
# s390x is not supported by the scorecard-test-kuttl base image. | |
platforms: linux/amd64,linux/arm64,linux/ppc64le | |
# Push on tag, or master branch push. | |
push: ${{ (github.event_name != 'pull_request' && (startsWith(github.ref, 'refs/tags/') || github.ref == 'refs/heads/master')) }} | |
tags: ${{ steps.tags.outputs.tags }} |