Release #1754
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
workflow_dispatch: | |
push: | |
tags: | |
- 'v*' | |
permissions: | |
contents: read | |
id-token: write | |
jobs: | |
release: | |
name: Release | |
runs-on: | |
- self-hosted | |
- medium | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.PRIVATE_SSH_KEY }} | |
- name: Install NIX | |
uses: cachix/install-nix-action@v30 | |
- name: Install devbox | |
uses: jetify-com/[email protected] | |
with: | |
enable-cache: true | |
skip-nix-installation: true | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/kommander-applications | |
aws-region: us-west-2 | |
- name: Extract tag name | |
shell: bash | |
run: echo "GIT_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
- name: Release | |
env: | |
DOCKER_USERNAME: ${{ secrets.NEXUS_USERNAME }} | |
DOCKER_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
GIT_TAG: ${{ env.GIT_TAG }} | |
run: devbox run -- just release | |
- name: Release OCI artifact | |
env: | |
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
GIT_TAG: ${{ env.GIT_TAG }} | |
run: devbox run -- just release-oci | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Release kommander applications server | |
env: | |
GIT_TAG: ${{ env.GIT_TAG }} | |
run: | | |
git config --global user.name "${GITHUB_ACTOR}" | |
git config --global user.email "${GITHUB_ACTOR}@users.noreply.github.com" | |
devbox run -- just release-server | |
send_message: | |
runs-on: | |
- self-hosted | |
- small | |
needs: | |
- "release" | |
if: ${{ always() }} | |
steps: | |
- name: Send slack message if any of the release jobs failed | |
if: ${{contains(needs.*.result, 'failure') }} | |
uses: slackapi/[email protected] | |
env: | |
SLACK_WEBHOOK_URL: ${{ endsWith(github.ref_name, '-dev') && secrets.DKP_TESTING_ALERTMANAGER_SLACK_URL || secrets.SLACK_WEBHOOK_NTNX_NCNDKPSHIPIT }} | |
with: | |
payload: | | |
{ | |
"blocks": [ | |
{ | |
"type": "header", | |
"text": { | |
"type": "plain_text", | |
"text": ":github: :x: ${{github.repository}} release ${{ github.ref_name }} failed", | |
"emoji": true | |
} | |
}, | |
{ | |
"type": "section", | |
"text": { | |
"type": "mrkdwn", | |
"text": "Rerun the failed job(s) at ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
} | |
} | |
] | |
} | |
- name: Send slack message when all release jobs completed successfully | |
if: ${{ !contains(needs.*.result, 'failure') && !endsWith(github.ref_name, '-dev') }} # No need to send a message on daily releases. | |
uses: slackapi/[email protected] | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_NTNX_NCNDKPSHIPIT }} | |
with: | |
payload: | | |
{ | |
"blocks": [ | |
{ | |
"type": "header", | |
"text": { | |
"type": "plain_text", | |
"text": ":github: :heavy_check_mark: ${{github.repository}} - Release ${{ github.ref_name }} successful :rocket:", | |
"emoji": true | |
} | |
}, | |
{ | |
"type": "section", | |
"text": { | |
"type": "mrkdwn", | |
"text": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
} | |
} | |
] | |
} |